Lucene search

[email protected]CVE-2003-1086

HistoryJun 17, 2003 - 4:00 a.m.

CVE-2003-1086

2003-06-1704:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2003-1086

php

remote file inclusion vulnerability

pmachine free

pmachine pro

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.029 Low

EPSS

Percentile

90.6%

JSON

PHP remote file inclusion vulnerability in pm/lib.inc.php in pMachine Free and pMachine Pro 2.2 and 2.2.1 allows remote attackers to execute arbitrary PHP code by modifying the pm_path parameter to reference a URL on a remote web server that contains the code.

CPENameOperatorVersion
pmachine:pmachine_freepmachine pmachine freeeq*
pmachine:pmachine_propmachine pmachine proeq2.2
pmachine:pmachine_propmachine pmachine proeq2.2.1

CPE	Name	Operator	Version
pmachine:pmachine_free	pmachine pmachine free	eq	*
pmachine:pmachine_pro	pmachine pmachine pro	eq	2.2
pmachine:pmachine_pro	pmachine pmachine pro	eq	2.2.1

References

marc.info/?l=bugtraq&m=105638414205498&w=2

www.pmachine.com/forum/threads.php?id=7274_0_13_0_C

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.029 Low

EPSS

Percentile

90.6%

JSON

Related for CVE-2003-1086

nessus1 cve1