exploitDog

CVE-2008-6313

Опубликовано: 27 фев. 2009

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Directory traversal vulnerability in addedit-render.php in phpAddEdit 1.3, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a URL in the editform parameter. NOTE: PHP remote file inclusion attacks are also likely.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:phpaddedit:phpaddedit:1.3:*:*:*:*:*:*:*

EPSS

Процентиль: 84%

0.02324

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-h59q-q46g-w2rm

github

больше 3 лет назад

Directory traversal vulnerability in addedit-render.php in phpAddEdit 1.3, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a URL in the editform parameter. NOTE: PHP remote file inclusion attacks are also likely.

EPSS

Процентиль: 84%

0.02324

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-22