{"containers":{"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2007-09-04T00:00:00.000Z","descriptions":[{"lang":"en","value":"Multiple PHP remote file inclusion vulnerabilities in SpeedTech PHP Library (STPHPLibrary) 0.8.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) db_conf or (2) ADODB_DIR parameter to utils/stphpimage_show.php; or a URL in the STPHPLIB_DIR parameter to (3) stphpbutton.php, (4) stphpcheckbox.php, (5) stphpcheckboxwithcaption.php, (6) stphpcheckgroup.php, (7) stphpcomponent.php, (8) stphpcontrolwithcaption.php, (9) stphpedit.php, (10) stphpeditwithcaption.php, (11) stphphr.php, (12) stphpimage.php, (13) stphpimagewithcaption.php, (14) stphplabel.php, (15) stphplistbox.php, (16) stphplistboxwithcaption.php, (17) stphplocale.php, (18) stphppanel.php, (19) stphpradiobutton.php, (20) stphpradiobuttonwithcaption.php, (21) stphpradiogroup.php, (22) stphprichbutton.php, (23) stphpspacer.php, (24) stphptable.php, (25) stphptablecell.php, (26) stphptablerow.php, (27) stphptabpanel.php, (28) stphptabtitle.php, (29) stphptextarea.php, (30) stphptextareawithcaption.php, (31) stphptoolbar.php, (32) stphpwindow.php, (33) stphpxmldoc.php, or (34) stphpxmlelement.php, a different set of vectors than CVE-2007-4737.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-07-28T12:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"39077","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39077"},{"name":"39082","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39082"},{"name":"39088","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39088"},{"name":"39076","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39076"},{"name":"39090","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39090"},{"name":"39085","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39085"},{"name":"39079","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39079"},{"name":"39093","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39093"},{"name":"speedtech-stphpimageshow-file-include(36417)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/36417"},{"name":"39099","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39099"},{"name":"39096","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39096"},{"name":"39102","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39102"},{"name":"39101","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39101"},{"name":"39095","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39095"},{"name":"39105","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39105"},{"name":"39097","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39097"},{"name":"39084","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39084"},{"name":"39074","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39074"},{"name":"39094","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39094"},{"name":"39098","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39098"},{"name":"39083","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39083"},{"name":"39078","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39078"},{"name":"39100","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39100"},{"name":"39103","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39103"},{"name":"39075","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39075"},{"name":"39091","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39091"},{"name":"25525","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/25525"},{"name":"39089","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39089"},{"name":"39081","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39081"},{"name":"39087","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39087"},{"name":"26658","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/26658"},{"name":"39080","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39080"},{"name":"39104","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39104"},{"name":"39073","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39073"},{"name":"39092","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39092"},{"name":"39086","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/39086"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2007-4738","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Multiple PHP remote file inclusion vulnerabilities in SpeedTech PHP Library (STPHPLibrary) 0.8.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) db_conf or (2) ADODB_DIR parameter to utils/stphpimage_show.php; or a URL in the STPHPLIB_DIR parameter to (3) stphpbutton.php, (4) stphpcheckbox.php, (5) stphpcheckboxwithcaption.php, (6) stphpcheckgroup.php, (7) stphpcomponent.php, (8) stphpcontrolwithcaption.php, (9) stphpedit.php, (10) stphpeditwithcaption.php, (11) stphphr.php, (12) stphpimage.php, (13) stphpimagewithcaption.php, (14) stphplabel.php, (15) stphplistbox.php, (16) stphplistboxwithcaption.php, (17) stphplocale.php, (18) stphppanel.php, (19) stphpradiobutton.php, (20) stphpradiobuttonwithcaption.php, (21) stphpradiogroup.php, (22) stphprichbutton.php, (23) stphpspacer.php, (24) stphptable.php, (25) stphptablecell.php, (26) stphptablerow.php, (27) stphptabpanel.php, (28) stphptabtitle.php, (29) stphptextarea.php, (30) stphptextareawithcaption.php, (31) stphptoolbar.php, (32) stphpwindow.php, (33) stphpxmldoc.php, or (34) stphpxmlelement.php, a different set of vectors than CVE-2007-4737.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"39077","refsource":"OSVDB","url":"http://osvdb.org/39077"},{"name":"39082","refsource":"OSVDB","url":"http://osvdb.org/39082"},{"name":"39088","refsource":"OSVDB","url":"http://osvdb.org/39088"},{"name":"39076","refsource":"OSVDB","url":"http://osvdb.org/39076"},{"name":"39090","refsource":"OSVDB","url":"http://osvdb.org/39090"},{"name":"39085","refsource":"OSVDB","url":"http://osvdb.org/39085"},{"name":"39079","refsource":"OSVDB","url":"http://osvdb.org/39079"},{"name":"39093","refsource":"OSVDB","url":"http://osvdb.org/39093"},{"name":"speedtech-stphpimageshow-file-include(36417)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/36417"},{"name":"39099","refsource":"OSVDB","url":"http://osvdb.org/39099"},{"name":"39096","refsource":"OSVDB","url":"http://osvdb.org/39096"},{"name":"39102","refsource":"OSVDB","url":"http://osvdb.org/39102"},{"name":"39101","refsource":"OSVDB","url":"http://osvdb.org/39101"},{"name":"39095","refsource":"OSVDB","url":"http://osvdb.org/39095"},{"name":"39105","refsource":"OSVDB","url":"http://osvdb.org/39105"},{"name":"39097","refsource":"OSVDB","url":"http://osvdb.org/39097"},{"name":"39084","refsource":"OSVDB","url":"http://osvdb.org/39084"},{"name":"39074","refsource":"OSVDB","url":"http://osvdb.org/39074"},{"name":"39094","refsource":"OSVDB","url":"http://osvdb.org/39094"},{"name":"39098","refsource":"OSVDB","url":"http://osvdb.org/39098"},{"name":"39083","refsource":"OSVDB","url":"http://osvdb.org/39083"},{"name":"39078","refsource":"OSVDB","url":"http://osvdb.org/39078"},{"name":"39100","refsource":"OSVDB","url":"http://osvdb.org/39100"},{"name":"39103","refsource":"OSVDB","url":"http://osvdb.org/39103"},{"name":"39075","refsource":"OSVDB","url":"http://osvdb.org/39075"},{"name":"39091","refsource":"OSVDB","url":"http://osvdb.org/39091"},{"name":"25525","refsource":"BID","url":"http://www.securityfocus.com/bid/25525"},{"name":"39089","refsource":"OSVDB","url":"http://osvdb.org/39089"},{"name":"39081","refsource":"OSVDB","url":"http://osvdb.org/39081"},{"name":"39087","refsource":"OSVDB","url":"http://osvdb.org/39087"},{"name":"26658","refsource":"SECUNIA","url":"http://secunia.com/advisories/26658"},{"name":"39080","refsource":"OSVDB","url":"http://osvdb.org/39080"},{"name":"39104","refsource":"OSVDB","url":"http://osvdb.org/39104"},{"name":"39073","refsource":"OSVDB","url":"http://osvdb.org/39073"},{"name":"39092","refsource":"OSVDB","url":"http://osvdb.org/39092"},{"name":"39086","refsource":"OSVDB","url":"http://osvdb.org/39086"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-07T15:08:33.812Z"},"title":"CVE Program Container","references":[{"name":"39077","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39077"},{"name":"39082","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39082"},{"name":"39088","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39088"},{"name":"39076","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39076"},{"name":"39090","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39090"},{"name":"39085","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39085"},{"name":"39079","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39079"},{"name":"39093","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39093"},{"name":"speedtech-stphpimageshow-file-include(36417)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/36417"},{"name":"39099","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39099"},{"name":"39096","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39096"},{"name":"39102","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39102"},{"name":"39101","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39101"},{"name":"39095","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39095"},{"name":"39105","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39105"},{"name":"39097","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39097"},{"name":"39084","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39084"},{"name":"39074","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39074"},{"name":"39094","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39094"},{"name":"39098","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39098"},{"name":"39083","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39083"},{"name":"39078","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39078"},{"name":"39100","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39100"},{"name":"39103","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39103"},{"name":"39075","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39075"},{"name":"39091","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39091"},{"name":"25525","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/25525"},{"name":"39089","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39089"},{"name":"39081","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39081"},{"name":"39087","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39087"},{"name":"26658","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/26658"},{"name":"39080","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39080"},{"name":"39104","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39104"},{"name":"39073","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39073"},{"name":"39092","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39092"},{"name":"39086","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/39086"}]}]},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2007-4738","datePublished":"2007-09-06T19:00:00.000Z","dateReserved":"2007-09-06T00:00:00.000Z","dateUpdated":"2024-08-07T15:08:33.812Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}