exploitDog

GHSA-jjp4-5j58-3cr7

Опубликовано: 02 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Static code injection vulnerability in index.php in Podcast Generator 1.1 and earlier allows remote authenticated administrators to inject arbitrary PHP code into config.php via the recent parameter in a config change action.

Static code injection vulnerability in index.php in Podcast Generator 1.1 and earlier allows remote authenticated administrators to inject arbitrary PHP code into config.php via the recent parameter in a config change action.

Ссылки

EPSS

Процентиль: 84%

0.02164

Низкий

CVE ID

Дефекты

CWE-94

Связанные уязвимости

CVE-2009-1230

nvd

почти 17 лет назад

Static code injection vulnerability in index.php in Podcast Generator 1.1 and earlier allows remote authenticated administrators to inject arbitrary PHP code into config.php via the recent parameter in a config change action.

EPSS

Процентиль: 84%

0.02164

Низкий

CVE ID

Дефекты

CWE-94