CVE-2008-5771

Опубликовано: 30 дек. 2008

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Directory traversal vulnerability in test.php in PHP Weather 2.2.2 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the language parameter.

Ссылки

http://secunia.com/advisories/33098
Vendor Advisory
http://securityreason.com/securityalert/4826
http://www.securityfocus.com/bid/32820
Exploit
https://www.exploit-db.com/exploits/7451
http://secunia.com/advisories/33098
Vendor Advisory
http://securityreason.com/securityalert/4826
http://www.securityfocus.com/bid/32820
Exploit
https://www.exploit-db.com/exploits/7451

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:phpweather:phpweather:2.2.2:*:*:*:*:*:*:*

EPSS

Процентиль: 86%

0.03012

Низкий

7.5 High

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-4jfj-f72q-22fg

github

больше 3 лет назад