CVE-2007-4551

Опубликовано: 28 авг. 2007

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

PHP remote file inclusion vulnerability in index.php in Agares Media Arcadem 2.01 allows remote attackers to execute arbitrary PHP code via a URL in the loadpage parameter.

Ссылки

http://14house.blogspot.com/2007/08/arcadem-rfi-sql-injection-flaws.html
http://forums.agaresmedia.com/viewtopic.php?f=13&t=19
http://osvdb.org/36856
http://secunia.com/advisories/26574
Patch
Vendor Advisory
http://www.securityfocus.com/bid/25432
Exploit
http://14house.blogspot.com/2007/08/arcadem-rfi-sql-injection-flaws.html
http://forums.agaresmedia.com/viewtopic.php?f=13&t=19
http://osvdb.org/36856
http://secunia.com/advisories/26574
Patch
Vendor Advisory
http://www.securityfocus.com/bid/25432
Exploit

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:agares_media:arcadem:2.0.1:*:*:*:*:*:*:*

EPSS

Процентиль: 84%

0.02237

Низкий

7.5 High

CVSS2

Дефекты

CWE-94

Связанные уязвимости

GHSA-3hq8-5g44-r923

github

почти 4 года назад