exploitDog

CVE-2007-1908

Опубликовано: 10 апр. 2007

Источник: nvd

CVSS2: 6.8

EPSS Средний

Описание

PHP file inclusion vulnerability in php121db.php in PHP121 Instant Messenger 2.2 allows remote attackers to execute arbitrary PHP code via a UNC share pathname or a local file pathname in the php121dir parameter, which is accessed by the file_exists function.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:php121:php121_instant_messenger:2.2:*:*:*:*:*:*:*

EPSS

Процентиль: 93%

0.10967

Средний

6.8 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-4w3r-jhc2-fjv6

github

почти 4 года назад

PHP file inclusion vulnerability in php121db.php in PHP121 Instant Messenger 2.2 allows remote attackers to execute arbitrary PHP code via a UNC share pathname or a local file pathname in the php121dir parameter, which is accessed by the file_exists function.

EPSS

Процентиль: 93%

0.10967

Средний

6.8 Medium

CVSS2

Дефекты

NVD-CWE-Other