Lucene search

[email protected]CVE-2008-2228

HistoryMay 14, 2008 - 6:20 p.m.

CVE-2008-2228

2008-05-1418:20:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2008-2228

php

remote file inclusion

cyberfolio 7.12

vulnerability

8.3 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.02 Low

EPSS

Percentile

88.8%

JSON

PHP remote file inclusion vulnerability in portfolio/commentaires/derniers_commentaires.php in Cyberfolio 7.12, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the rep parameter.

CPENameOperatorVersion
cyberfolio:cyberfoliocyberfolioeq7.2

CPE	Name	Operator	Version
cyberfolio:cyberfolio	cyberfolio	eq	7.2

References

secunia.com/advisories/30154

www.securityfocus.com/bid/29124

exchange.xforce.ibmcloud.com/vulnerabilities/42286

www.exploit-db.com/exploits/5567

8.3 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.02 Low

EPSS

Percentile

88.8%

JSON

Related for CVE-2008-2228

cvelist1 prion1