{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T22:40:15.799","vulnerabilities":[{"cve":{"id":"CVE-2007-0863","sourceIdentifier":"cve@mitre.org","published":"2007-02-09T01:28:00.000","lastModified":"2025-04-09T00:30:58.490","vulnStatus":"Deferred","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"PHP remote file inclusion vulnerability in Trevorchan 0.7 and earlier allows remote attackers to execute arbitrary code via the tc_config[rootdir] parameter to (1) upgrade.php, (2) paint_save.php, (3) menu.php, (4) manage.php, and (5) banned.php.  NOTE: his issue has been disputed by reliable third parties, who state that the variable is set before use in config.php"},{"lang":"es","value":"** IMPUGNADO ** Vulnerabilidad PHP de inclusión remota de archivos en Trevorchan 0.7 y anteriores permite a atacantes remotos ejectar código de su elección a través del parámetro tc_config[rootdir] en (1) upgrade.php, (2) paint_save.php, (3) menu.php, (4) manage.php, y (5) banned.php. NOTA: este asunto ha sido impugnado por terceras partes creible, que indican que la variable estña asignada antes de su uso en config.php."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":true,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:trevorchan:trevorchan:*:*:*:*:*:*:*:*","versionEndIncluding":"0.7","matchCriteriaId":"3BDBBF23-FD9D-4988-8B32-DA6285D42134"}]}]}],"references":[{"url":"http://osvdb.org/33475","source":"cve@mitre.org"},{"url":"http://securitytracker.com/id?1017512","source":"cve@mitre.org"},{"url":"http://www.attrition.org/pipermail/vim/2007-January/001241.html","source":"cve@mitre.org"},{"url":"http://osvdb.org/33475","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://securitytracker.com/id?1017512","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.attrition.org/pipermail/vim/2007-January/001241.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}