Lucene search
HistoryMay 21, 2008 - 1:24 p.m.
CVE-2008-2396
cve-2008-2396
php
remote file inclusion
wajox software
microssys cms
security vulnerability
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.6 High
AI Score
Confidence
High
0.029 Low
EPSS
Percentile
90.8%
PHP remote file inclusion vulnerability in index.php in Wajox Software microSSys CMS 1.5 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in an arbitrary element of the PAGES array parameter.
Affected configurations
Node
wajox_softwaremircrossys_cmsRange≤1.5
| CPE | Name | Operator | Version |
|---|---|---|---|
| wajox_software:mircrossys_cms | wajox software mircrossys cms | le | 1.5 |
Related
cvelist
cvelist
CVE-2008-2396
2008-05-21 10:00:00
prion
prion
Remote file inclusion
2008-05-21 13:24:00
nvd
nvd
CVE-2008-2396
2008-05-21 13:24:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.6 High
AI Score
Confidence
High
0.029 Low
EPSS
Percentile
90.8%
Related for CVE-2008-2396