Описание
Multiple PHP remote file inclusion vulnerabilities in GraFX Company WebSite Builder (CWB) PRO 1.5 allow remote attackers to execute arbitrary PHP code via a URL in the INCLUDE_PATH parameter to (1) cls_headline_prod.php, (2) cls_listorders.php, or (3) cls_viewpastorders.php in include/, different vectors than CVE-2007-1513.
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:grafx_software:company_website_builder:1.5:*:pro:*:*:*:*:*
EPSS
Процентиль: 92%
0.07793
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Multiple PHP remote file inclusion vulnerabilities in GraFX Company WebSite Builder (CWB) PRO 1.5 allow remote attackers to execute arbitrary PHP code via a URL in the INCLUDE_PATH parameter to (1) cls_headline_prod.php, (2) cls_listorders.php, or (3) cls_viewpastorders.php in include/, different vectors than CVE-2007-1513.
EPSS
Процентиль: 92%
0.07793
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other