Lucene search

MitreCVE-2008-4624

HistoryOct 21, 2008 - 1:18 a.m.

CVE-2008-4624

2008-10-2101:18:02

CWE-94

mitre

web.nvd.nist.gov

php

vulnerability

remote code execution

fast click sql lite

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.089

Percentile

94.7%

JSON

PHP remote file inclusion vulnerability in init.php in Fast Click SQL Lite 1.1.7, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the CFG[CDIR] parameter.

Affected configurations

Nvd

Node

ftrsoftfast_click_sql_liteMatch1.1.7

VendorProductVersionCPE
ftrsoftfast_click_sql_lite1.1.7cpe:2.3:a:ftrsoft:fast_click_sql_lite:1.1.7:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ftrsoft	fast_click_sql_lite	1.1.7	cpe:2.3:a:ftrsoft:fast_click_sql_lite:1.1.7:::::::*

References

secunia.com/advisories/32328

securityreason.com/securityalert/4454

www.securityfocus.com/bid/31817

www.vupen.com/english/advisories/2008/2861

exchange.xforce.ibmcloud.com/vulnerabilities/45964

www.exploit-db.com/exploits/6785

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.089

Percentile

94.7%

JSON

Related for CVE-2008-4624