exploitDog

GHSA-h78c-2562-6c4v

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

PHP remote file inclusion vulnerability in Basic Analysis and Security Engine (BASE) 1.2.4 and earlier, with register_globals enabled, allows remote attackers to execute arbitrary PHP code via a URL in the BASE_path parameter to (1) base_qry_common.php, (2) base_stat_common.php, and (3) includes/base_include.inc.php.

PHP remote file inclusion vulnerability in Basic Analysis and Security Engine (BASE) 1.2.4 and earlier, with register_globals enabled, allows remote attackers to execute arbitrary PHP code via a URL in the BASE_path parameter to (1) base_qry_common.php, (2) base_stat_common.php, and (3) includes/base_include.inc.php.

Ссылки

EPSS

Процентиль: 99%

0.85605

Высокий

CVE ID

Дефекты

CWE-94

Связанные уязвимости

CVE-2006-2685

ubuntu

больше 19 лет назад

PHP remote file inclusion vulnerability in Basic Analysis and Security Engine (BASE) 1.2.4 and earlier, with register_globals enabled, allows remote attackers to execute arbitrary PHP code via a URL in the BASE_path parameter to (1) base_qry_common.php, (2) base_stat_common.php, and (3) includes/base_include.inc.php.

CVE-2006-2685

nvd

больше 19 лет назад

PHP remote file inclusion vulnerability in Basic Analysis and Security Engine (BASE) 1.2.4 and earlier, with register_globals enabled, allows remote attackers to execute arbitrary PHP code via a URL in the BASE_path parameter to (1) base_qry_common.php, (2) base_stat_common.php, and (3) includes/base_include.inc.php.

CVE-2006-2685

debian

больше 19 лет назад

PHP remote file inclusion vulnerability in Basic Analysis and Security ...

EPSS

Процентиль: 99%

0.85605

Высокий

CVE ID

Дефекты

CWE-94