Описание
PHP remote file inclusion vulnerability in inc/smarty/libs/init.php in AdaptCMS 2.0.0 Beta, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the sitepath parameter. NOTE: it was later reported that 2.0.1 is also affected.
Ссылки
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:insanevisions:adapcms:2.0.0:beta:*:*:*:*:*:*
cpe:2.3:a:insanevisions:adapcms:2.0.1:*:*:*:*:*:*:*
EPSS
Процентиль: 82%
0.01719
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-94
Связанные уязвимости
github
больше 3 лет назад
PHP remote file inclusion vulnerability in inc/smarty/libs/init.php in AdaptCMS 2.0.0 Beta, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the sitepath parameter. NOTE: it was later reported that 2.0.1 is also affected.
EPSS
Процентиль: 82%
0.01719
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-94