CVE-2006-5899

Опубликовано: 15 нояб. 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

PHP remote file inclusion vulnerability in install.php3 in @cid stats 2.3 allows remote attackers to execute arbitrary PHP code via a URL in the repertoire parameter. NOTE: this issue has been disputed by a third party, who states that install.php3 is supposed to be deleted after installation and, if not deleted, intentionally allows setting repertoire without an inclusion attack

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:acid_stats:acid_stats:2.3:*:*:*:*:*:*:*

EPSS

Процентиль: 89%

0.04257

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-49jg-7gvc-2mhx

github

почти 4 года назад

** DISPUTED ** PHP remote file inclusion vulnerability in install.php3 in @cid stats 2.3 allows remote attackers to execute arbitrary PHP code via a URL in the repertoire parameter. NOTE: this issue has been disputed by a third party, who states that install.php3 is supposed to be deleted after installation and, if not deleted, intentionally allows setting repertoire without an inclusion attack.