Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-pc48-f845-gpfr

Опубликовано: 01 мая 2022
Источник: github
Github: Не прошло ревью

Описание

PHP remote file inclusion vulnerability in Bookmark4U 2.0.0 and earlier allows remote attackers to include arbitrary PHP files via the include_prefix parameter in (1) inc/dbase.php, (2) inc/config.php, (3) inc/common.php, and (4) inc/function.php. NOTE: it has been reported that the inc directory is protected by a .htaccess file, so this issue only applies in certain environments or configurations.

PHP remote file inclusion vulnerability in Bookmark4U 2.0.0 and earlier allows remote attackers to include arbitrary PHP files via the include_prefix parameter in (1) inc/dbase.php, (2) inc/config.php, (3) inc/common.php, and (4) inc/function.php. NOTE: it has been reported that the inc directory is protected by a .htaccess file, so this issue only applies in certain environments or configurations.

Ссылки

EPSS

Процентиль: 91%
0.06627
Низкий

CVE ID

CVE-2006-2877

Связанные уязвимости

nvd логотип

CVE-2006-2877

nvd
больше 19 лет назад

PHP remote file inclusion vulnerability in Bookmark4U 2.0.0 and earlier allows remote attackers to include arbitrary PHP files via the include_prefix parameter in (1) inc/dbase.php, (2) inc/config.php, (3) inc/common.php, and (4) inc/function.php. NOTE: it has been reported that the inc directory is protected by a .htaccess file, so this issue only applies in certain environments or configurations.

EPSS

Процентиль: 91%
0.06627
Низкий

CVE ID

CVE-2006-2877