Описание
includes/common.php in RunCMS 1.2 and earlier calls the extract function with EXTR_OVERWRITE on HTTP POST variables, which allows remote attackers to overwrite arbitrary variables, possibly allowing execution of arbitrary code.
includes/common.php in RunCMS 1.2 and earlier calls the extract function with EXTR_OVERWRITE on HTTP POST variables, which allows remote attackers to overwrite arbitrary variables, possibly allowing execution of arbitrary code.
EPSS
Процентиль: 82%
0.01715
Низкий
CVE ID
Связанные уязвимости
nvd
больше 20 лет назад
includes/common.php in RunCMS 1.2 and earlier calls the extract function with EXTR_OVERWRITE on HTTP POST variables, which allows remote attackers to overwrite arbitrary variables, possibly allowing execution of arbitrary code.
EPSS
Процентиль: 82%
0.01715
Низкий