Описание
PHP remote file inclusion vulnerability in Basic Analysis and Security Engine (BASE) 1.2.4 and earlier, with register_globals enabled, allows remote attackers to execute arbitrary PHP code via a URL in the BASE_path parameter to (1) base_qry_common.php, (2) base_stat_common.php, and (3) includes/base_include.inc.php.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | released | 1.2.5-1 |
| edgy | released | 1.2.5-1 |
| feisty | released | 1.2.5-1 |
| gutsy | released | 1.2.5-1 |
| hardy | released | 1.2.5-1 |
| intrepid | released | 1.2.5-1 |
| jaunty | released | 1.2.5-1 |
| karmic | released | 1.2.5-1 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
4 Medium
CVSS2
Связанные уязвимости
PHP remote file inclusion vulnerability in Basic Analysis and Security Engine (BASE) 1.2.4 and earlier, with register_globals enabled, allows remote attackers to execute arbitrary PHP code via a URL in the BASE_path parameter to (1) base_qry_common.php, (2) base_stat_common.php, and (3) includes/base_include.inc.php.
PHP remote file inclusion vulnerability in Basic Analysis and Security ...
PHP remote file inclusion vulnerability in Basic Analysis and Security Engine (BASE) 1.2.4 and earlier, with register_globals enabled, allows remote attackers to execute arbitrary PHP code via a URL in the BASE_path parameter to (1) base_qry_common.php, (2) base_stat_common.php, and (3) includes/base_include.inc.php.
EPSS
4 Medium
CVSS2