exploitDog

CVE-2008-4735

Опубликовано: 24 окт. 2008

Источник: nvd

CVSS2: 8.5

EPSS Низкий

Описание

PHP remote file inclusion vulnerability in header.php in Concord Asset, Software, and Ticket system (CoAST) 0.95 allows remote attackers to execute arbitrary PHP code via a URL in the sections_file parameter.

Ссылки

http://secunia.com/advisories/32050
Vendor Advisory
http://www.securityfocus.com/bid/31461
Exploit
https://www.exploit-db.com/exploits/6598
http://secunia.com/advisories/32050
Vendor Advisory
http://www.securityfocus.com/bid/31461
Exploit
https://www.exploit-db.com/exploits/6598

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:coastal:coast:0.95:*:*:*:*:*:*:*

EPSS

Процентиль: 86%

0.02778

Низкий

8.5 High

CVSS2

Дефекты

CWE-94

Связанные уязвимости

GHSA-qq9c-c3hj-6mfc

github

больше 3 лет назад

PHP remote file inclusion vulnerability in header.php in Concord Asset, Software, and Ticket system (CoAST) 0.95 allows remote attackers to execute arbitrary PHP code via a URL in the sections_file parameter.

EPSS

Процентиль: 86%

0.02778

Низкий

8.5 High

CVSS2

Дефекты

CWE-94