Описание
Multiple PHP remote file inclusion vulnerabilities in AllMyGuests 0.3.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the AMG_serverpath parameter to (1) comments.php and (2) signin.php; and possibly via a URL in unspecified parameters to (3) include/submit.inc.php, (4) admin/index.php, (5) include/cm_submit.inc.php, and (6) index.php.
Ссылки
- Broken Link
- Broken Link
- Broken Link
- Broken Link
- Broken Link
- Broken Link
- ExploitThird Party AdvisoryVDB EntryVendor Advisory
- VDB Entry
- Third Party AdvisoryVDB Entry
- Broken Link
- Broken Link
- Broken Link
- Broken Link
- Broken Link
- Broken Link
- ExploitThird Party AdvisoryVDB EntryVendor Advisory
- VDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
EPSS
7.5 High
CVSS2
Дефекты
Связанные уязвимости
Multiple PHP remote file inclusion vulnerabilities in AllMyGuests 0.3.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the AMG_serverpath parameter to (1) comments.php and (2) signin.php; and possibly via a URL in unspecified parameters to (3) include/submit.inc.php, (4) admin/index.php, (5) include/cm_submit.inc.php, and (6) index.php.
EPSS
7.5 High
CVSS2