exploitDog

CVE-2010-1360

Опубликовано: 13 апр. 2010

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple PHP remote file inclusion vulnerabilities in FAQEngine 4.24.00 allow remote attackers to execute arbitrary PHP code via a URL in the path_faqe parameter to (1) attachs.php, (2) backup.php, (3) badwords.php, (4) categories.php, (5) changepw.php, (6) colorchooser.php, (7) colorwheel.php, (8) dbfiles.php, (9) diraccess.php, (10) faq.php, (11) index.php, (12) kb.php, and (13) stats.php.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:boesch-it:faqengine:4.24.00:*:*:*:*:*:*:*

EPSS

Процентиль: 80%

0.01395

Низкий

7.5 High

CVSS2

Дефекты

CWE-94

Связанные уязвимости

GHSA-4g74-883w-rrgv

github

почти 4 года назад

Multiple PHP remote file inclusion vulnerabilities in FAQEngine 4.24.00 allow remote attackers to execute arbitrary PHP code via a URL in the path_faqe parameter to (1) attachs.php, (2) backup.php, (3) badwords.php, (4) categories.php, (5) changepw.php, (6) colorchooser.php, (7) colorwheel.php, (8) dbfiles.php, (9) diraccess.php, (10) faq.php, (11) index.php, (12) kb.php, and (13) stats.php.

EPSS

Процентиль: 80%

0.01395

Низкий

7.5 High

CVSS2

Дефекты

CWE-94