Описание
PHP remote file inclusion vulnerability in CheckUpload.php in Vincenzo Valvano Comet WebFileManager (CWFM) 0.9.1, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the Language parameter.
PHP remote file inclusion vulnerability in CheckUpload.php in Vincenzo Valvano Comet WebFileManager (CWFM) 0.9.1, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the Language parameter.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-4077
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28292
- http://secunia.com/advisories/21432
- http://www.bb-pcsecurity.de/Websecurity/301/org/Cwfm-0.9.1_%28Language%29_Remote_File_Inclusion.htm
- http://www.bb-pcsecurity.de/Websecurity/301/org/Cwfm-0.9.1_(Language)_Remote_File_Inclusion.htm
- http://www.securityfocus.com/archive/1/442714/100/0/threaded
- http://www.securityfocus.com/bid/19433
- http://www.vupen.com/english/advisories/2006/3221
EPSS
Процентиль: 91%
0.06714
Низкий
CVE ID
Связанные уязвимости
nvd
больше 19 лет назад
PHP remote file inclusion vulnerability in CheckUpload.php in Vincenzo Valvano Comet WebFileManager (CWFM) 0.9.1, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the Language parameter.
EPSS
Процентиль: 91%
0.06714
Низкий