exploitDog

GHSA-r5gf-w27r-jjqq

Опубликовано: 02 мая 2022

Источник: github

Github: Не прошло ревью

Описание

PHP remote file inclusion vulnerability in add-ons/modules/sysmanager/plugins/install.plugin.php in Aurora CMS 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the AURORA_MODULES_FOLDER parameter.

PHP remote file inclusion vulnerability in add-ons/modules/sysmanager/plugins/install.plugin.php in Aurora CMS 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the AURORA_MODULES_FOLDER parameter.

Ссылки

EPSS

Процентиль: 82%

0.01627

Низкий

CVE ID

Дефекты

CWE-94

Связанные уязвимости

CVE-2009-3365

nvd

больше 16 лет назад

PHP remote file inclusion vulnerability in add-ons/modules/sysmanager/plugins/install.plugin.php in Aurora CMS 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the AURORA_MODULES_FOLDER parameter.

EPSS

Процентиль: 82%

0.01627

Низкий

CVE ID

Дефекты

CWE-94