Описание
PHP remote file inclusion vulnerability in wp-links/links.all.php in WordPress 0.70 allows remote attackers to execute arbitrary PHP code via a URL in the $abspath variable.
Ссылки
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:wordpress:wordpress:0.70:*:*:*:*:*:*:*
EPSS
Процентиль: 75%
0.00913
Низкий
7.5 High
CVSS2
Дефекты
CWE-94
Связанные уязвимости
ubuntu
больше 10 лет назад
WordPress 0.7 allows remote execution of commands. / Wp-links / links.all.php. An attacker can inject a url in $ abspath and get remote execution of commands with the privileges of the server web (usually nobody).
github
около 3 лет назад
PHP remote file inclusion vulnerability in wp-links/links.all.php in WordPress 0.70 allows remote attackers to execute arbitrary PHP code via a URL in the $abspath variable.
EPSS
Процентиль: 75%
0.00913
Низкий
7.5 High
CVSS2
Дефекты
CWE-94