Lucene search

[email protected]CVE-2008-3402

HistoryJul 31, 2008 - 4:41 p.m.

CVE-2008-3402

2008-07-3116:41:00

CWE-94

[email protected]

web.nvd.nist.gov

cve

2008

3402

php

remote file inclusion

hiox browser statistics

hbs 2.0

security vulnerabilities

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.085 Low

EPSS

Percentile

94.5%

JSON

Multiple PHP remote file inclusion vulnerabilities in HIOX Browser Statistics (HBS) 2.0 allow remote attackers to execute arbitrary PHP code via a URL in the hm parameter to (1) hioxupdate.php and (2) hioxstats.php.

Affected configurations

NVD

Node

hscriptshiox_random_adMatch2.0

CPENameOperatorVersion
hscripts:hiox_random_adhscripts hiox random adeq2.0

CPE	Name	Operator	Version
hscripts:hiox_random_ad	hscripts hiox random ad	eq	2.0

References

secunia.com/advisories/31299

securityreason.com/securityalert/4083

www.securityfocus.com/archive/1/494930/100/0/threaded

www.securityfocus.com/bid/30436

exchange.xforce.ibmcloud.com/vulnerabilities/44064

www.exploit-db.com/exploits/6162

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.085 Low

EPSS

Percentile

94.5%

JSON

Related for CVE-2008-3402

cvelist1 prion1 nvd1