Описание
PHP remote file inclusion vulnerability in HotNews 0.7.2 and earlier allows remote attackers to execute arbitrary PHP code via the (1) config[header] parameter to hotnews-engine.inc.php3 or (2) config[incdir] parameter to hnmain.inc.php3.
PHP remote file inclusion vulnerability in HotNews 0.7.2 and earlier allows remote attackers to execute arbitrary PHP code via the (1) config[header] parameter to hotnews-engine.inc.php3 or (2) config[incdir] parameter to hnmain.inc.php3.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2004-1796
- https://exchange.xforce.ibmcloud.com/vulnerabilities/14140
- http://secunia.com/advisories/10551
- http://securitytracker.com/id?1008608
- http://sourceforge.net/forum/forum.php?forum_id=342594
- http://www.osvdb.org/3332
- http://www.osvdb.org/3405
- http://www.securityfocus.com/archive/1/348840
- http://www.securityfocus.com/bid/9357
EPSS
Процентиль: 94%
0.13241
Средний
CVE ID
Связанные уязвимости
nvd
около 21 года назад
PHP remote file inclusion vulnerability in HotNews 0.7.2 and earlier allows remote attackers to execute arbitrary PHP code via the (1) config[header] parameter to hotnews-engine.inc.php3 or (2) config[incdir] parameter to hnmain.inc.php3.
EPSS
Процентиль: 94%
0.13241
Средний