Описание
Unspecified vulnerability in index.php in Core CoreNews 2.0.1 allows remote attackers to execute arbitrary commands via the page parameter, possibly due to a PHP remote file include vulnerability. NOTE: this vulnerability could not be confirmed by source code inspection of CoreNews 2.0.1, which does not appear to use a "page" parameter or variable.
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:corenews:corenews:2.0.1:*:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05621
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Unspecified vulnerability in index.php in Core CoreNews 2.0.1 allows remote attackers to execute arbitrary commands via the page parameter, possibly due to a PHP remote file include vulnerability. NOTE: this vulnerability could not be confirmed by source code inspection of CoreNews 2.0.1, which does not appear to use a "page" parameter or variable.
EPSS
Процентиль: 90%
0.05621
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other