Описание
PHP file inclusion vulnerability in includes/edit_new.php in Pivot 1.30 RC2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a FTP URL or full file path in the Paths[extensions_path] parameter.
Ссылки
- Exploit
- Vendor Advisory
- Exploit
- Exploit
- Vendor Advisory
- Exploit
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:pivot:pivot:1.30_rc2:*:*:*:*:*:*:*
EPSS
Процентиль: 91%
0.06581
Низкий
5.1 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
больше 19 лет назад
PHP file inclusion vulnerability in includes/edit_new.php in Pivot 1.3 ...
github
почти 4 года назад
PHP file inclusion vulnerability in includes/edit_new.php in Pivot 1.30 RC2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a FTP URL or full file path in the Paths[extensions_path] parameter.
EPSS
Процентиль: 91%
0.06581
Низкий
5.1 Medium
CVSS2
Дефекты
NVD-CWE-Other