exploitDog

GHSA-xr7w-9r28-r57c

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Multiple eval injection vulnerabilities in MyBB 1.2.10 and earlier allow remote attackers to execute arbitrary code via the sortby parameter to (1) forumdisplay.php or (2) a results action in search.php.

Multiple eval injection vulnerabilities in MyBB 1.2.10 and earlier allow remote attackers to execute arbitrary code via the sortby parameter to (1) forumdisplay.php or (2) a results action in search.php.

Ссылки

EPSS

Процентиль: 99%

0.73116

Высокий

CVE ID

Дефекты

CWE-94

Связанные уязвимости

CVE-2008-0382

nvd

около 18 лет назад

Multiple eval injection vulnerabilities in MyBB 1.2.10 and earlier allow remote attackers to execute arbitrary code via the sortby parameter to (1) forumdisplay.php or (2) a results action in search.php.

EPSS

Процентиль: 99%

0.73116

Высокий

CVE ID

Дефекты

CWE-94