Описание
PHP remote file include vulnerability in Derek Ashauer ashNews 0.83 allows remote attackers to include and execute arbitrary remote files via a URL in the pathtoashnews parameter to (1) ashnews.php and (2) ashheadlines.php.
PHP remote file include vulnerability in Derek Ashauer ashNews 0.83 allows remote attackers to include and execute arbitrary remote files via a URL in the pathtoashnews parameter to (1) ashnews.php and (2) ashheadlines.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2003-1292
- https://www.exploit-db.com/exploits/1864
- http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0969.html
- http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0979.html
- http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0980.html
- http://forums.ashwebstudio.com/viewtopic.php?t=353&start=0
- http://secunia.com/advisories/9331
- http://www.securityfocus.com/archive/1/329910
- http://www.securityfocus.com/bid/16436
- http://www.securityfocus.com/bid/18248
EPSS
Процентиль: 93%
0.11149
Средний
CVE ID
Связанные уязвимости
nvd
около 22 лет назад
PHP remote file include vulnerability in Derek Ashauer ashNews 0.83 allows remote attackers to include and execute arbitrary remote files via a URL in the pathtoashnews parameter to (1) ashnews.php and (2) ashheadlines.php.
EPSS
Процентиль: 93%
0.11149
Средний