exploitDog

CVE-2006-1154

Опубликовано: 10 мар. 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

PHP remote file inclusion vulnerability in archive.php in Fantastic News 2.1.2 allows remote attackers to include arbitrary files via the CONFIG[script_path] variable. NOTE: 2.1.4 was also reported to be vulnerable.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:fscripts:fantastic_news:2.1.1:*:*:*:*:*:*:*

cpe:2.3:a:fscripts:fantastic_news:2.1.2:*:*:*:*:*:*:*

cpe:2.3:a:fscripts:fantastic_news:2.1.4:*:*:*:*:*:*:*

EPSS

Процентиль: 88%

0.03628

Низкий

7.5 High

CVSS2

Дефекты

CWE-94

Связанные уязвимости

GHSA-c8vh-8h4w-hxhr

github

почти 4 года назад

PHP remote file inclusion vulnerability in archive.php in Fantastic News 2.1.2 allows remote attackers to include arbitrary files via the CONFIG[script_path] variable. NOTE: 2.1.4 was also reported to be vulnerable.

EPSS

Процентиль: 88%

0.03628

Низкий

7.5 High

CVSS2

Дефекты

CWE-94