Описание
PHP remote file inclusion vulnerability in HotNews 0.7.2 and earlier allows remote attackers to execute arbitrary PHP code via the (1) config[header] parameter to hotnews-engine.inc.php3 or (2) config[incdir] parameter to hnmain.inc.php3.
PHP remote file inclusion vulnerability in HotNews 0.7.2 and earlier allows remote attackers to execute arbitrary PHP code via the (1) config[header] parameter to hotnews-engine.inc.php3 or (2) config[incdir] parameter to hnmain.inc.php3.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2004-1796
- https://exchange.xforce.ibmcloud.com/vulnerabilities/14140
- http://secunia.com/advisories/10551
- http://securitytracker.com/id?1008608
- http://sourceforge.net/forum/forum.php?forum_id=342594
- http://www.osvdb.org/3332
- http://www.osvdb.org/3405
- http://www.securityfocus.com/archive/1/348840
- http://www.securityfocus.com/bid/9357
EPSS
Процентиль: 94%
0.13241
Средний
CVE ID
Связанные уязвимости
nvd
больше 20 лет назад
PHP remote file inclusion vulnerability in HotNews 0.7.2 and earlier allows remote attackers to execute arbitrary PHP code via the (1) config[header] parameter to hotnews-engine.inc.php3 or (2) config[incdir] parameter to hnmain.inc.php3.
EPSS
Процентиль: 94%
0.13241
Средний