Описание
include.php in Shoutpro 1.0 might allow remote attackers to bypass IP ban restrictions via a URL in the path parameter that points to an alternate bannedips.php file. NOTE: this issue was originally reported as remote file inclusion, but CVE analysis suggests that this cannot be used for code execution.
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:shoutpro:shoutpro:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 82%
0.01651
Низкий
5 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
почти 4 года назад
include.php in Shoutpro 1.0 might allow remote attackers to bypass IP ban restrictions via a URL in the path parameter that points to an alternate bannedips.php file. NOTE: this issue was originally reported as remote file inclusion, but CVE analysis suggests that this cannot be used for code execution.
EPSS
Процентиль: 82%
0.01651
Низкий
5 Medium
CVSS2
Дефекты
CWE-264