Описание
PHPChain 1.0 and earlier allows remote attackers to obtain the installation path via invalid values of the catid parameter to (1) settings.php or (2) cat.php, as demonstrated by XSS manipulations.
PHPChain 1.0 and earlier allows remote attackers to obtain the installation path via invalid values of the catid parameter to (1) settings.php or (2) cat.php, as demonstrated by XSS manipulations.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-2670
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34019
- http://osvdb.org/35538
- http://pridels0.blogspot.com/2007/05/phpchain-vuln.html
- http://secunia.com/advisories/25128
- http://www.securityfocus.com/bid/23761
- http://www.vupen.com/english/advisories/2007/1647
EPSS
Процентиль: 68%
0.00574
Низкий
CVE ID
Связанные уязвимости
nvd
больше 18 лет назад
PHPChain 1.0 and earlier allows remote attackers to obtain the installation path via invalid values of the catid parameter to (1) settings.php or (2) cat.php, as demonstrated by XSS manipulations.
EPSS
Процентиль: 68%
0.00574
Низкий