Описание
PHP remote file inclusion vulnerability in kernel/smarty/Smarty.class.php in PHPEcho CMS 2.0 rc3 allows remote attackers to execute arbitrary PHP code via a URL in unspecified vectors that modify the _smarty_compile_path variable in the fetch function.
Ссылки
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:tigran_abrahamyan:phpecho_cms:2.0:rc3:*:*:*:*:*:*
EPSS
Процентиль: 70%
0.00629
Низкий
7.5 High
CVSS2
Дефекты
CWE-94
Связанные уязвимости
github
больше 3 лет назад
PHP remote file inclusion vulnerability in kernel/smarty/Smarty.class.php in PHPEcho CMS 2.0 rc3 allows remote attackers to execute arbitrary PHP code via a URL in unspecified vectors that modify the _smarty_compile_path variable in the fetch function.
EPSS
Процентиль: 70%
0.00629
Низкий
7.5 High
CVSS2
Дефекты
CWE-94