Описание
Multiple PHP remote file inclusion vulnerabilities in theme/format.php in SMA-DB 0.3.13 allow remote attackers to execute arbitrary PHP code via a URL in the (1) _page_css and (2) _page_javascript parameters. NOTE: the _page_content vector is already is covered by CVE-2009-1450.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:bluevirus-design:sma-db:0.3.13:*:*:*:*:*:*:*
EPSS
Процентиль: 84%
0.02103
Низкий
7.5 High
CVSS2
Дефекты
CWE-94
Связанные уязвимости
github
почти 4 года назад
Multiple PHP remote file inclusion vulnerabilities in theme/format.php in SMA-DB 0.3.13 allow remote attackers to execute arbitrary PHP code via a URL in the (1) _page_css and (2) _page_javascript parameters. NOTE: the _page_content vector is already is covered by CVE-2009-1450.
EPSS
Процентиль: 84%
0.02103
Низкий
7.5 High
CVSS2
Дефекты
CWE-94