Описание
PHP remote file inclusion vulnerability in cmpro_header.inc.php in Clan Manager Pro (CMPRO) 1.1 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the (1) cm_ext_server and (2) sitepath parameters.
Ссылки
- PatchVendor Advisory
- Exploit
- PatchVendor Advisory
- Exploit
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:cmpro_team:clan_manager_pro:1.1:*:*:*:*:*:*:*
EPSS
Процентиль: 75%
0.00888
Низкий
5.1 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
PHP remote file inclusion vulnerability in cmpro_header.inc.php in Clan Manager Pro (CMPRO) 1.1 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the (1) cm_ext_server and (2) sitepath parameters.
EPSS
Процентиль: 75%
0.00888
Низкий
5.1 Medium
CVSS2
Дефекты
NVD-CWE-Other