CVE-2007-5567

Опубликовано: 18 окт. 2007

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

PHP remote file inclusion vulnerability in _lib/fckeditor/upload_config.php in Galmeta Post 0.11 allows remote attackers to execute arbitrary PHP code via a URL in the DDS parameter.

Ссылки

http://arfis.wordpress.com/2007/09/13/rfi-02-galmeta-post/
http://www.attrition.org/pipermail/vim/2007-October/001836.html
http://www.securityfocus.com/bid/26329
https://exchange.xforce.ibmcloud.com/vulnerabilities/37412
http://arfis.wordpress.com/2007/09/13/rfi-02-galmeta-post/
http://www.attrition.org/pipermail/vim/2007-October/001836.html
http://www.securityfocus.com/bid/26329
https://exchange.xforce.ibmcloud.com/vulnerabilities/37412

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:galmeta:galmeta_post:0.11:*:*:*:*:*:*:*

EPSS

Процентиль: 82%

0.01759

Низкий

7.5 High

CVSS2

Дефекты

CWE-94

Связанные уязвимости

CVE-2007-5567

debian

около 18 лет назад

PHP remote file inclusion vulnerability in _lib/fckeditor/upload_confi ...

GHSA-vchq-8f7w-w3qf

github

больше 3 лет назад