exploitDog

CVE-2013-1349

Опубликовано: 09 дек. 2013

Источник: nvd

CVSS2: 7.5

EPSS Высокий

Описание

Eval injection vulnerability in ajax.php in openSIS 4.5 through 5.2 allows remote attackers to execute arbitrary PHP code via the modname parameter.

Ссылки

http://karmainsecurity.com/KIS-2013-10
Exploit
http://secunia.com/advisories/55913
Vendor Advisory
http://sourceforge.net/p/opensis-ce/bugs/59/
Exploit
http://sourceforge.net/p/opensis-ce/code/1009
Exploit
Patch
http://karmainsecurity.com/KIS-2013-10
Exploit
http://secunia.com/advisories/55913
Vendor Advisory
http://sourceforge.net/p/opensis-ce/bugs/59/
Exploit
http://sourceforge.net/p/opensis-ce/code/1009
Exploit
Patch

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:os4ed:opensis:4.5:*:*:*:*:*:*:*

cpe:2.3:a:os4ed:opensis:4.6:*:*:*:*:*:*:*

cpe:2.3:a:os4ed:opensis:4.7:*:*:*:*:*:*:*

cpe:2.3:a:os4ed:opensis:4.8:*:*:*:*:*:*:*

cpe:2.3:a:os4ed:opensis:4.8.1:*:*:*:*:*:*:*

cpe:2.3:a:os4ed:opensis:4.9:*:*:*:*:*:*:*

cpe:2.3:a:os4ed:opensis:5.0:*:*:*:*:*:*:*

cpe:2.3:a:os4ed:opensis:5.1:*:*:*:*:*:*:*

cpe:2.3:a:os4ed:opensis:5.2:*:*:*:*:*:*:*

EPSS

Процентиль: 99%

0.70857

Высокий

7.5 High

CVSS2

Дефекты

CWE-94

Связанные уязвимости

GHSA-63m6-8fwh-9fhm

github

больше 3 лет назад

Eval injection vulnerability in ajax.php in openSIS 4.5 through 5.2 allows remote attackers to execute arbitrary PHP code via the modname parameter.

EPSS

Процентиль: 99%

0.70857

Высокий

7.5 High

CVSS2

Дефекты

CWE-94