exploitDog

GHSA-p7rc-h4j2-q995

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

PHP remote file inclusion vulnerability in preview.php in Magic News Plus 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the php_script_path parameter. NOTE: This issue may overlap CVE-2006-0723.

PHP remote file inclusion vulnerability in preview.php in Magic News Plus 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the php_script_path parameter. NOTE: This issue may overlap CVE-2006-0723.

Ссылки

EPSS

Процентиль: 84%

0.02052

Низкий

CVE ID

Дефекты

CWE-94

Связанные уязвимости

CVE-2007-1141

nvd

почти 19 лет назад

PHP remote file inclusion vulnerability in preview.php in Magic News Plus 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the php_script_path parameter. NOTE: This issue may overlap CVE-2006-0723.

EPSS

Процентиль: 84%

0.02052

Низкий

CVE ID

Дефекты

CWE-94