Lucene search

[email protected]CVE-2008-0502

HistoryJan 31, 2008 - 8:00 p.m.

CVE-2008-0502

2008-01-3120:00:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2008-0502

php

remote file inclusion

connectix boards 0.8.2

vulnerability

7.6 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.058 Low

EPSS

Percentile

93.4%

JSON

PHP remote file inclusion vulnerability in templates/Official/part_userprofile.php in Connectix Boards 0.8.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the template_path parameter.

Affected configurations

NVD

Node

connectixconnectix_boardsRange≤0.8.2

connectixconnectix_boardsMatch0.8.1

CPENameOperatorVersion
connectix:connectix_boardsconnectix connectix boardsle0.8.2
connectix:connectix_boardsconnectix connectix boardseq0.8.1

CPE	Name	Operator	Version
connectix:connectix_boards	connectix connectix boards	le	0.8.2
connectix:connectix_boards	connectix connectix boards	eq	0.8.1

References

secunia.com/advisories/28704

www.securityfocus.com/bid/27506

www.vupen.com/english/advisories/2008/0363

exchange.xforce.ibmcloud.com/vulnerabilities/40040

www.exploit-db.com/exploits/5012

7.6 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.058 Low

EPSS

Percentile

93.4%

JSON

Related for CVE-2008-0502

nvd1 prion1 cvelist1