exploitDog

CVE-2005-3017

Опубликовано: 21 сент. 2005

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

PHP file inclusion vulnerability in index.php in Content2Web 1.0.1 allows remote attackers to include arbitrary files via the show parameter, which can lead to resultant errors such as path disclosure, SQL error messages, and cross-site scripting (XSS).

Ссылки

http://securitytracker.com/id?1014900
Exploit
http://securitytracker.com/id?1014900
Exploit

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:content2web:content2web:1.0.1:*:*:*:*:*:*:*

EPSS

Процентиль: 57%

0.00351

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-2q2j-p926-8hw7

github

почти 4 года назад

PHP file inclusion vulnerability in index.php in Content2Web 1.0.1 allows remote attackers to include arbitrary files via the show parameter, which can lead to resultant errors such as path disclosure, SQL error messages, and cross-site scripting (XSS).

EPSS

Процентиль: 57%

0.00351

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other