Описание
Static code injection vulnerability in translate.php in Support Incident Tracker (aka SiT!) 3.45 through 3.65 allows remote attackers to inject arbitrary PHP code into an executable language file in the i18n directory via the lang variable.
Ссылки
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sitracker:support_incident_tracker:3.6:*:*:*:*:*:*:*
cpe:2.3:a:sitracker:support_incident_tracker:3.45:*:*:*:*:*:*:*
cpe:2.3:a:sitracker:support_incident_tracker:3.45:beta1:*:*:*:*:*:*
cpe:2.3:a:sitracker:support_incident_tracker:3.50:*:*:*:*:*:*:*
cpe:2.3:a:sitracker:support_incident_tracker:3.50:beta1:*:*:*:*:*:*
cpe:2.3:a:sitracker:support_incident_tracker:3.51:*:*:*:*:*:*:*
cpe:2.3:a:sitracker:support_incident_tracker:3.60:*:*:*:*:*:*:*
cpe:2.3:a:sitracker:support_incident_tracker:3.61:*:*:*:*:*:*:*
cpe:2.3:a:sitracker:support_incident_tracker:3.62:*:*:*:*:*:*:*
cpe:2.3:a:sitracker:support_incident_tracker:3.63:*:*:*:*:*:*:*
cpe:2.3:a:sitracker:support_incident_tracker:3.63:beta1:*:*:*:*:*:*
cpe:2.3:a:sitracker:support_incident_tracker:3.64:*:*:*:*:*:*:*
cpe:2.3:a:sitracker:support_incident_tracker:3.65:*:*:*:*:*:*:*
EPSS
Процентиль: 82%
0.01761
Низкий
7.5 High
CVSS2
Дефекты
CWE-94
Связанные уязвимости
github
больше 3 лет назад
Static code injection vulnerability in translate.php in Support Incident Tracker (aka SiT!) 3.45 through 3.65 allows remote attackers to inject arbitrary PHP code into an executable language file in the i18n directory via the lang variable.
EPSS
Процентиль: 82%
0.01761
Низкий
7.5 High
CVSS2
Дефекты
CWE-94