Lucene search

[email protected]CVE-2008-5053

HistoryNov 13, 2008 - 11:30 a.m.

CVE-2008-5053

2008-11-1311:30:01

CWE-94

[email protected]

web.nvd.nist.gov

cve-2008-5053

php

remote file inclusion

admin.rssreader.php

simple rss reader

joomla!

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

High

0.157 Low

EPSS

Percentile

96.0%

JSON

PHP remote file inclusion vulnerability in admin.rssreader.php in the Simple RSS Reader (com_rssreader) 1.0 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_live_site parameter.

Affected configurations

NVD

Node

joomlacom_rssreaderMatch1.0

AND

joomlajoomlaMatch1.0

CPENameOperatorVersion
joomla:com_rssreaderjoomla com rssreadereq1.0

CPE	Name	Operator	Version
joomla:com_rssreader	joomla com rssreader	eq	1.0

References

osvdb.org/49859

securityreason.com/securityalert/4584

www.exploit-db.com/exploits/7096

www.securityfocus.com/bid/32265

www.vupen.com/english/advisories/2008/3119

exchange.xforce.ibmcloud.com/vulnerabilities/46559

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

High

0.157 Low

EPSS

Percentile

96.0%

JSON

Related for CVE-2008-5053

prion1 cvelist1 canvas1 nvd1