CVE-2007-4244

Опубликовано: 08 авг. 2007

Источник: nvd

CVSS2: 7.5

EPSS Средний

Описание

PHP remote file inclusion vulnerability in langset.php in J! Reactions (com_jreactions) 1.8.1 and earlier, a Joomla! component, allows remote attackers to execute arbitrary PHP code via a URL in the comPath parameter.

Ссылки

http://securityreason.com/securityalert/2984
http://www.securityfocus.com/archive/1/475544/100/0/threaded
http://www.securityfocus.com/archive/1/477144/100/0/threaded
http://www.securityfocus.com/archive/1/477245/100/0/threaded
http://www.securityfocus.com/bid/25198
Exploit
http://yollubunlar.org/joomla-j-reactions-component-rfi-75.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/35808
http://securityreason.com/securityalert/2984
http://www.securityfocus.com/archive/1/475544/100/0/threaded
http://www.securityfocus.com/archive/1/477144/100/0/threaded
http://www.securityfocus.com/archive/1/477245/100/0/threaded
http://www.securityfocus.com/bid/25198
Exploit
http://yollubunlar.org/joomla-j-reactions-component-rfi-75.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/35808

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:joomla:j_reactions:*:*:*:*:*:*:*:*

Версия до 1.8.1 (включая)

EPSS

Процентиль: 99%

0.68641

Средний

7.5 High

CVSS2

Дефекты

CWE-94

Связанные уязвимости

GHSA-hpfj-5hrq-qgp2

github

почти 4 года назад