exploitDog

GHSA-wr68-h4rj-4xvr

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Multiple PHP remote file inclusion vulnerabilities in JAF CMS 4.0 and 4.0 RC2 allow remote attackers to execute arbitrary PHP code via a URL in the main_dir parameter to (1) forum/main.php and (2) forum/headlines.php.

Multiple PHP remote file inclusion vulnerabilities in JAF CMS 4.0 and 4.0 RC2 allow remote attackers to execute arbitrary PHP code via a URL in the main_dir parameter to (1) forum/main.php and (2) forum/headlines.php.

Ссылки

EPSS

Процентиль: 92%

0.08352

Низкий

CVE ID

Дефекты

CWE-94

Связанные уязвимости

CVE-2006-7127

nvd

почти 19 лет назад

Multiple PHP remote file inclusion vulnerabilities in JAF CMS 4.0 and 4.0 RC2 allow remote attackers to execute arbitrary PHP code via a URL in the main_dir parameter to (1) forum/main.php and (2) forum/headlines.php.

EPSS

Процентиль: 92%

0.08352

Низкий

CVE ID

Дефекты

CWE-94