exploitDog

CVE-2006-4921

Опубликовано: 21 сент. 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

PHP remote file inclusion vulnerability in Site@School (S@S) 2.4.03 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cmsdir parameter to starnet/modules/include/include.php. NOTE: some of these details are obtained from third party information.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:siteatschool:siteatschool:*:*:*:*:*:*:*:*

Версия до 2.4.03 (включая)

cpe:2.3:a:siteatschool:siteatschool:2.4.02:*:*:*:*:*:*:*

EPSS

Процентиль: 92%

0.08293

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-5ph7-wc68-6v9x

github

почти 4 года назад

PHP remote file inclusion vulnerability in Site@School (S@S) 2.4.03 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cmsdir parameter to starnet/modules/include/include.php. NOTE: some of these details are obtained from third party information.

EPSS

Процентиль: 92%

0.08293

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other