7.8 High
AI Score
Confidence
Low
5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.44 Medium
EPSS
Percentile
97.3%
Multiple PHP remote file inclusion vulnerabilities in Dolphin 5.1 allow remote attackers to execute arbitrary PHP code via a URL in the dir[inc] parameter in (1) index.php, (2) aemodule.php, (3) browse.php, (4) cc.php, (5) click.php, (6) faq.php, (7) gallery.php, (8) im.php, (9) inbox.php, (10) join_form.php, (11) logout.php, (12) messages_inbox.php, and many other scripts.
CPE | Name | Operator | Version |
---|---|---|---|
boonex:dolphin | boonex dolphin | eq | 5.1 |
secunia.com/advisories/21535
securitytracker.com/id?1016692
www.osvdb.org/28473
www.osvdb.org/28474
www.osvdb.org/28478
www.osvdb.org/28479
www.osvdb.org/28485
www.osvdb.org/28492
www.osvdb.org/28493
www.osvdb.org/28496
www.osvdb.org/28498
www.osvdb.org/28499
www.osvdb.org/28500
www.osvdb.org/28501
www.osvdb.org/28502
www.osvdb.org/28503
www.osvdb.org/28504
www.osvdb.org/28505
www.osvdb.org/28506
www.osvdb.org/28507
www.osvdb.org/28508
www.osvdb.org/28509
www.osvdb.org/28510
www.osvdb.org/28511
www.osvdb.org/28512
www.osvdb.org/28513
www.osvdb.org/28514
www.osvdb.org/28515
www.osvdb.org/28516
www.osvdb.org/28517
www.osvdb.org/28519
www.osvdb.org/28520
www.osvdb.org/28521
www.osvdb.org/28522
www.osvdb.org/28523
www.osvdb.org/28524
www.osvdb.org/28525
www.osvdb.org/28526
www.osvdb.org/28527
www.osvdb.org/28528
www.osvdb.org/28529
www.osvdb.org/28530
www.securityfocus.com/bid/21182
www.vupen.com/english/advisories/2006/3346
exchange.xforce.ibmcloud.com/vulnerabilities/28363