Описание
The auto-format feature in the Request_Curl class in FuelPHP 1.1 through 1.7.1 allows remote attackers to execute arbitrary code via a crafted response.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:fuelphp:fuelphp:1.1:*:*:*:*:*:*:*
cpe:2.3:a:fuelphp:fuelphp:1.2:*:*:*:*:*:*:*
cpe:2.3:a:fuelphp:fuelphp:1.2:rc1:*:*:*:*:*:*
cpe:2.3:a:fuelphp:fuelphp:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:fuelphp:fuelphp:1.3:*:*:*:*:*:*:*
cpe:2.3:a:fuelphp:fuelphp:1.4:*:*:*:*:*:*:*
cpe:2.3:a:fuelphp:fuelphp:1.5:*:*:*:*:*:*:*
cpe:2.3:a:fuelphp:fuelphp:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:fuelphp:fuelphp:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:fuelphp:fuelphp:1.5.3:*:*:*:*:*:*:*
cpe:2.3:a:fuelphp:fuelphp:1.6:*:*:*:*:*:*:*
cpe:2.3:a:fuelphp:fuelphp:1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:fuelphp:fuelphp:1.7:*:*:*:*:*:*:*
cpe:2.3:a:fuelphp:fuelphp:1.7.1:*:*:*:*:*:*:*
EPSS
Процентиль: 83%
0.01963
Низкий
7.5 High
CVSS2
Дефекты
CWE-94
Связанные уязвимости
github
больше 3 лет назад
The auto-format feature in the Request_Curl class in FuelPHP 1.1 through 1.7.1 allows remote attackers to execute arbitrary code via a crafted response.
EPSS
Процентиль: 83%
0.01963
Низкий
7.5 High
CVSS2
Дефекты
CWE-94