Lucene search

[email protected]CVE-2008-4735

HistoryOct 24, 2008 - 10:30 a.m.

CVE-2008-4735

2008-10-2410:30:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2008-4735

php

remote file inclusion

vulnerability

concord asset

coast

nvd

7.6 High

AI Score

Confidence

High

8.5 High

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.012 Low

EPSS

Percentile

85.6%

JSON

PHP remote file inclusion vulnerability in header.php in Concord Asset, Software, and Ticket system (CoAST) 0.95 allows remote attackers to execute arbitrary PHP code via a URL in the sections_file parameter.

Affected configurations

NVD

Node

coastalcoastMatch0.95

CPENameOperatorVersion
coastal:coastcoastal coasteq0.95

CPE	Name	Operator	Version
coastal:coast	coastal coast	eq	0.95

References

secunia.com/advisories/32050

www.securityfocus.com/bid/31461

www.exploit-db.com/exploits/6598

7.6 High

AI Score

Confidence

High

8.5 High

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.012 Low

EPSS

Percentile

85.6%

JSON

Related for CVE-2008-4735

nvd1 prion1 cvelist1