CVE-2007-0190

Опубликовано: 12 янв. 2007

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

PHP remote file inclusion vulnerability in edit_address.php in edit-x ecommerce allows remote attackers to execute arbitrary PHP code via a URL in the include_dir parameter.

Ссылки

http://securityreason.com/securityalert/2139
http://www.securityfocus.com/archive/1/456439/100/0/threaded
http://www.securityfocus.com/bid/21974
http://www.vupen.com/english/advisories/2007/0158
https://exchange.xforce.ibmcloud.com/vulnerabilities/31384
http://securityreason.com/securityalert/2139
http://www.securityfocus.com/archive/1/456439/100/0/threaded
http://www.securityfocus.com/bid/21974
http://www.vupen.com/english/advisories/2007/0158
https://exchange.xforce.ibmcloud.com/vulnerabilities/31384

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:edit-x:ecommerce:*:*:*:*:*:*:*:*

EPSS

Процентиль: 87%

0.03149

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-pwgf-498p-c3hw

github

почти 4 года назад