Описание
PHP remote file inclusion vulnerability in Sonium Enterprise Adressbook 0.2 allows remote attackers to execute arbitrary PHP code via the folder parameter in multiple files in the plugins directory, as demonstrated by plugins/1_Adressbuch/delete.php.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:sonium:enterprise_adressbook:0.2:*:*:*:*:*:*:*
EPSS
Процентиль: 87%
0.0325
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
PHP remote file inclusion vulnerability in Sonium Enterprise Adressbook 0.2 allows remote attackers to execute arbitrary PHP code via the folder parameter in multiple files in the plugins directory, as demonstrated by plugins/1_Adressbuch/delete.php.
EPSS
Процентиль: 87%
0.0325
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other