CVE-2007-1052

Опубликовано: 21 фев. 2007

Источник: nvd

CVSS2: 10

EPSS Низкий

Описание

PHP remote file inclusion vulnerability in index.php in PBLang (PBL) 4.60 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the dbpath parameter, a different vector than CVE-2006-5062. NOTE: this issue has been disputed by a reliable third party for 4.65, stating that the dbpath variable is initialized in an included file that is created upon installation

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:pblang:pblang:*:*:*:*:*:*:*:*

Версия до 4.60 (включая)

EPSS

Процентиль: 81%

0.01602

Низкий

10 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-58pq-gm76-v728

github

почти 4 года назад

** DISPUTED ** PHP remote file inclusion vulnerability in index.php in PBLang (PBL) 4.60 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the dbpath parameter, a different vector than CVE-2006-5062. NOTE: this issue has been disputed by a reliable third party for 4.65, stating that the dbpath variable is initialized in an included file that is created upon installation.