exploitDog

GHSA-j648-x338-vqvm

Опубликовано: 22 янв. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound Image Gallery Box by CRUDLab allows PHP Local File Inclusion. This issue affects Image Gallery Box by CRUDLab: from n/a through 1.0.3.

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound Image Gallery Box by CRUDLab allows PHP Local File Inclusion. This issue affects Image Gallery Box by CRUDLab: from n/a through 1.0.3.

Ссылки

EPSS

Процентиль: 47%

0.00242

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-98

Связанные уязвимости

CVE-2025-23938

CVSS3: 7.5

nvd

около 1 года назад

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NotFound Image Gallery Box by CRUDLab allows PHP Local File Inclusion. This issue affects Image Gallery Box by CRUDLab: from n/a through 1.0.3.

EPSS

Процентиль: 47%

0.00242

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-98