Описание
PHP remote file inclusion vulnerability in downloadcounter.php in STWC-Counter 3.4.0.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the stwc_counter_verzeichniss parameter.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.4.0 (включая)
Одно из
cpe:2.3:a:stwc-counter:stwc-counter:*:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:1.01:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:1.1:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:1.2:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:1.02:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:1.11:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:1.12:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:1.21:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:1.22:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.2.5:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.2.6:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.2.7:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.6.0:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.6.1:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.6.2:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.6.3:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.6.4:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.6.5:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.6.6:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.7.0:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.7.1:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.8.0:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.8.1:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.9.0:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:2.9.1:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:stwc-counter:stwc-counter:3.3.0:*:*:*:*:*:*:*
EPSS
Процентиль: 94%
0.11687
Средний
7.5 High
CVSS2
Дефекты
CWE-94
Связанные уязвимости
github
почти 4 года назад
PHP remote file inclusion vulnerability in downloadcounter.php in STWC-Counter 3.4.0.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the stwc_counter_verzeichniss parameter.
EPSS
Процентиль: 94%
0.11687
Средний
7.5 High
CVSS2
Дефекты
CWE-94