Описание
Multiple PHP remote file inclusion vulnerabilities in Open Conference Systems (OCS) before 1.1.6 allow remote attackers to execute arbitrary PHP code via a URL in the fullpath parameter in (1) include/theme.inc.php or (2) include/footer.inc.php.
Multiple PHP remote file inclusion vulnerabilities in Open Conference Systems (OCS) before 1.1.6 allow remote attackers to execute arbitrary PHP code via a URL in the fullpath parameter in (1) include/theme.inc.php or (2) include/footer.inc.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-5308
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29517
- https://www.exploit-db.com/exploits/2536
- http://isc.sans.org/diary.php?storyid=1791
- http://pkp.sfu.ca/ocs_download
- http://pkp.sfu.ca:8043/bugzilla/attachment.cgi?id=90
- http://pkp.sfu.ca:8043/bugzilla/show_bug.cgi?id=2436
- http://secunia.com/advisories/22412
- http://securitytracker.com/id?1017071
- http://www.securityfocus.com/archive/1/448548/100/0/threaded
- http://www.securityfocus.com/bid/20567
- http://www.vupen.com/english/advisories/2006/4041
EPSS
Процентиль: 95%
0.20606
Средний
CVE ID
Связанные уязвимости
nvd
больше 19 лет назад
Multiple PHP remote file inclusion vulnerabilities in Open Conference Systems (OCS) before 1.1.6 allow remote attackers to execute arbitrary PHP code via a URL in the fullpath parameter in (1) include/theme.inc.php or (2) include/footer.inc.php.
EPSS
Процентиль: 95%
0.20606
Средний