Описание
Multiple PHP remote file inclusion vulnerabilities in Post Revolution 6.6 and 7.0 RC2 allow remote attackers to execute arbitrary PHP code via a URL in the dir parameter to (1) common.php or (2) themes/default/preview_post_completo.php.
Multiple PHP remote file inclusion vulnerabilities in Post Revolution 6.6 and 7.0 RC2 allow remote attackers to execute arbitrary PHP code via a URL in the dir parameter to (1) common.php or (2) themes/default/preview_post_completo.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-2201
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33825
- https://www.exploit-db.com/exploits/3785
- http://osvdb.org/35317
- http://osvdb.org/35318
- http://secunia.com/advisories/24971
- http://securityreason.com/securityalert/2653
- http://www.securityfocus.com/archive/1/466707/100/0/threaded
- http://www.securityfocus.com/bid/23607
- http://www.vupen.com/english/advisories/2007/1513
EPSS
Процентиль: 92%
0.08547
Низкий
CVE ID
Связанные уязвимости
nvd
почти 19 лет назад
Multiple PHP remote file inclusion vulnerabilities in Post Revolution 6.6 and 7.0 RC2 allow remote attackers to execute arbitrary PHP code via a URL in the dir parameter to (1) common.php or (2) themes/default/preview_post_completo.php.
EPSS
Процентиль: 92%
0.08547
Низкий