Lucene search
MitreCVE-2008-2854HistoryJun 25, 2008 - 12:36 p.m.
CVE-2008-2854
2008-06-2512:36:00
CWE-94
mitre
web.nvd.nist.gov
18
cve
2008
2854
php
remote file inclusion
vulnerabilities
orlando cms
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.7
Confidence
Low
EPSS
0.02
Percentile
88.8%
Multiple PHP remote file inclusion vulnerabilities in Orlando CMS 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[preloc] parameter to (1) modules/core/logger/init.php and (2) AJAX/newscat.php.
Affected configurations
Node
orlando_cmsorlando_cmsMatch0.6
| Vendor | Product | Version | CPE |
|---|---|---|---|
| orlando_cms | orlando_cms | 0.6 | cpe:2.3:a:orlando_cms:orlando_cms:0.6:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2008-2854
2008-06-25 12:36:00
exploitdb
exploitdb
Orlando CMS 0.6 - Remote File Inclusion
2008-06-19 00:00:00
prion
prion
Remote file inclusion
2008-06-25 12:36:00
cvelist
cvelist
CVE-2008-2854
2008-06-25 10:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.7
Confidence
Low
EPSS
0.02
Percentile
88.8%
Related for CVE-2008-2854