CVE-2007-1996

Опубликовано: 12 апр. 2007

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

PHP remote file inclusion vulnerability in codebreak.php in CodeBreak, probably 1.1.2 and earlier, allows remote attackers to execute arbitrary PHP code via a URL in the process_method parameter.

Ссылки

http://secunia.com/advisories/24846
Vendor Advisory
http://securityreason.com/securityalert/2562
http://www.securityfocus.com/archive/1/465382/100/0/threaded
http://www.securityfocus.com/bid/23425
http://www.vupen.com/english/advisories/2007/1355
Vendor Advisory
http://secunia.com/advisories/24846
Vendor Advisory
http://securityreason.com/securityalert/2562
http://www.securityfocus.com/archive/1/465382/100/0/threaded
http://www.securityfocus.com/bid/23425
http://www.vupen.com/english/advisories/2007/1355
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:codebreak:codebreak:*:*:*:*:*:*:*:*

Версия до 1.1.2 (включая)

EPSS

Процентиль: 88%

0.03674

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-94

Связанные уязвимости

GHSA-wmjh-g52p-x87p

github

почти 4 года назад