exploitDog

CVE-2006-0144

Опубликовано: 09 янв. 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

The proxy server feature in go-pear.php in PHP PEAR 0.2.2, as used in Apache2Triad, allows remote attackers to execute arbitrary PHP code by redirecting go-pear.php to a malicious proxy server that provides a modified version of Tar.php with a malicious extractModify function.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:apache2triad:apache2triad:*:*:*:*:*:*:*:*

cpe:2.3:a:php:pear:0.2.2:*:*:*:*:*:*:*

EPSS

Процентиль: 80%

0.01457

Низкий

7.5 High

CVSS2

Дефекты

CWE-94

Связанные уязвимости

CVE-2006-0144

ubuntu

больше 19 лет назад

The proxy server feature in go-pear.php in PHP PEAR 0.2.2, as used in Apache2Triad, allows remote attackers to execute arbitrary PHP code by redirecting go-pear.php to a malicious proxy server that provides a modified version of Tar.php with a malicious extractModify function.

GHSA-j5qr-fr9w-5pj5

github

больше 3 лет назад

The proxy server feature in go-pear.php in PHP PEAR 0.2.2, as used in Apache2Triad, allows remote attackers to execute arbitrary PHP code by redirecting go-pear.php to a malicious proxy server that provides a modified version of Tar.php with a malicious extractModify function.

EPSS

Процентиль: 80%

0.01457

Низкий

7.5 High

CVSS2

Дефекты

CWE-94