Описание
PHP remote file inclusion vulnerability in adminips.php in Develooping Flash Chat allows remote attackers to execute arbitrary PHP code via a URL in the banned_file parameter. NOTE: CVE disputes this vulnerability because banned_file is set to a constant value
Ссылки
- Exploit
- Patch
- Exploit
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:develooping:flash_chat:4.5.7:*:*:*:*:*:*:*
cpe:2.3:a:develooping:flash_chat:4.6:*:*:*:*:*:*:*
cpe:2.3:a:develooping:flash_chat:4.6.1:*:*:*:*:*:*:*
EPSS
Процентиль: 77%
0.01036
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
** DISPUTED ** PHP remote file inclusion vulnerability in adminips.php in Develooping Flash Chat allows remote attackers to execute arbitrary PHP code via a URL in the banned_file parameter. NOTE: CVE disputes this vulnerability because banned_file is set to a constant value.
EPSS
Процентиль: 77%
0.01036
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other