CVE-2008-5906

Опубликовано: 15 янв. 2009

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Eval injection vulnerability in the web interface plugin in KTorrent before 3.1.4 allows remote attackers to execute arbitrary PHP code via unspecified parameters to this interface's PHP scripts.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ktorrent:ktorrent:*:*:*:*:*:*:*:*

Версия до 3.1.3 (включая)

cpe:2.3:a:ktorrent:ktorrent:0.9:*:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:1.0:*:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:1.1:*:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:1.2:*:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:1.2:rc1:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:1.2:rc2:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:2.0:*:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:2.0:beta1:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:2.0:rc1:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:2.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:2.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:2.0.3:*:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:2.1:*:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:2.1:beta1:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:2.1:rc1:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:2.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:2.1.2:*:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:2.1.3:*:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:2.1.4:*:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:2.2:*:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:2.2:beta1:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:2.2:rc1:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:2.2.1:*:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:2.2.2:*:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:2.2.3:*:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:2.2.4:*:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:2.2.5:*:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:2.2.6:*:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:2.2.7:*:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:2.2.8:*:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:3.0:beta1:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:3.0:rc1:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:3.0.0:*:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:3.0.1:*:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:3.0.2:*:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:3.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ktorrent:ktorrent:3.1.2:*:*:*:*:*:*:*

EPSS

Процентиль: 78%

0.01171

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

CVE-2008-5906

ubuntu

почти 17 лет назад

Eval injection vulnerability in the web interface plugin in KTorrent before 3.1.4 allows remote attackers to execute arbitrary PHP code via unspecified parameters to this interface's PHP scripts.

CVE-2008-5906

debian

почти 17 лет назад

Eval injection vulnerability in the web interface plugin in KTorrent b ...

GHSA-mx7w-jjcw-fj7v

github

больше 3 лет назад

Eval injection vulnerability in the web interface plugin in KTorrent before 3.1.4 allows remote attackers to execute arbitrary PHP code via unspecified parameters to this interface's PHP scripts.

EPSS

Процентиль: 78%

0.01171

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-20