Описание
PHP remote file inclusion vulnerability in common/visiteurs/include/menus.inc.php in J-Pierre DEZELUS Les Visiteurs 2.0.1, as used in phpMyConferences (phpMyConference) 8.0.2 and possibly other products, allows remote attackers to execute arbitrary PHP code via a URL in the lvc_include_dir parameter.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 8.0.2 (включая)
Одно из
cpe:2.3:a:j-pierre_dezelus:les_visiteurs:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:phpmyconferences:phpmyconferences:*:*:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.08904
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-94
Связанные уязвимости
github
почти 4 года назад
PHP remote file inclusion vulnerability in common/visiteurs/include/menus.inc.php in J-Pierre DEZELUS Les Visiteurs 2.0.1, as used in phpMyConferences (phpMyConference) 8.0.2 and possibly other products, allows remote attackers to execute arbitrary PHP code via a URL in the lvc_include_dir parameter.
EPSS
Процентиль: 92%
0.08904
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-94