Lucene search

[email protected]CVE-2008-1043

HistoryFeb 27, 2008 - 7:44 p.m.

CVE-2008-1043

2008-02-2719:44:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2008-1043

php

remote file inclusion

linux web shop

lws

user base 1.3 beta

vulnerability

nvd

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.036 Low

EPSS

Percentile

91.6%

JSON

PHP remote file inclusion vulnerability in templates/default/header.inc.php in Linux Web Shop (LWS) php User Base 1.3 BETA allows remote attackers to execute arbitrary PHP code via a URL in the menu parameter.

CPENameOperatorVersion
linux_web_shop:php_user_baselinux web shop php user baseeq1.3

CPE	Name	Operator	Version
linux_web_shop:php_user_base	linux web shop php user base	eq	1.3

References

www.securityfocus.com/archive/1/494140/100/0/threaded

www.securityfocus.com/bid/27963

exchange.xforce.ibmcloud.com/vulnerabilities/40794

www.exploit-db.com/exploits/5180

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.036 Low

EPSS

Percentile

91.6%

JSON

Related for CVE-2008-1043

prion1 canvas1