CVE-2007-4525

Опубликовано: 25 авг. 2007

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

PHP remote file inclusion vulnerability in inc-calcul.php3 in SPIP 1.7.2 allows remote attackers to execute arbitrary PHP code via a URL in the squelette_cache parameter, a different vector than CVE-2006-1702. NOTE: this issue has been disputed by third party researchers, stating that the squelette_cache variable is initialized before use, and is only used within the scope of a function

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:spip:spip:1.7.2:*:*:*:*:*:*:*

EPSS

Процентиль: 73%

0.00762

Низкий

7.5 High

CVSS2

Дефекты

CWE-94

Связанные уязвимости

CVE-2007-4525

debian

больше 18 лет назад

PHP remote file inclusion vulnerability in inc-calcul.php3 in SPIP 1.7 ...

GHSA-9gw3-6jgp-vr97

github

больше 3 лет назад

** DISPUTED ** PHP remote file inclusion vulnerability in inc-calcul.php3 in SPIP 1.7.2 allows remote attackers to execute arbitrary PHP code via a URL in the squelette_cache parameter, a different vector than CVE-2006-1702. NOTE: this issue has been disputed by third party researchers, stating that the squelette_cache variable is initialized before use, and is only used within the scope of a function.