exploitDog

GHSA-2cmq-877r-q267

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.6 allow remote attackers to execute arbitrary PHP code via a URL in the includePath cookie to (1) auth/extauth/drivers/mambo.inc.php or (2) auth/extauth/drivers/postnuke.inc.php.

Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.6 allow remote attackers to execute arbitrary PHP code via a URL in the includePath cookie to (1) auth/extauth/drivers/mambo.inc.php or (2) auth/extauth/drivers/postnuke.inc.php.

Ссылки

EPSS

Процентиль: 94%

0.1465

Средний

CVE ID

Связанные уязвимости

CVE-2006-2868

nvd

около 19 лет назад

Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.6 allow remote attackers to execute arbitrary PHP code via a URL in the includePath cookie to (1) auth/extauth/drivers/mambo.inc.php or (2) auth/extauth/drivers/postnuke.inc.php.

EPSS

Процентиль: 94%

0.1465

Средний

CVE ID