exploitDog

GHSA-g8c8-8m7v-7v94

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

PHP file inclusion vulnerability in index.php in PHP iCalendar 2.0a2 through 2.0.1 allows remote attackers to execute arbitrary PHP code and include arbitrary local files via the phpicalendar cookie. NOTE: this is not a cross-site scripting (XSS) issue as claimed by the original researcher.

PHP file inclusion vulnerability in index.php in PHP iCalendar 2.0a2 through 2.0.1 allows remote attackers to execute arbitrary PHP code and include arbitrary local files via the phpicalendar cookie. NOTE: this is not a cross-site scripting (XSS) issue as claimed by the original researcher.

Ссылки

EPSS

Процентиль: 88%

0.03833

Низкий

CVE ID

Связанные уязвимости

CVE-2005-3366

nvd

больше 20 лет назад

PHP file inclusion vulnerability in index.php in PHP iCalendar 2.0a2 through 2.0.1 allows remote attackers to execute arbitrary PHP code and include arbitrary local files via the phpicalendar cookie. NOTE: this is not a cross-site scripting (XSS) issue as claimed by the original researcher.

EPSS

Процентиль: 88%

0.03833

Низкий

CVE ID