Lucene search

[email protected]CVE-2008-5199

HistoryNov 21, 2008 - 5:30 p.m.

CVE-2008-5199

2008-11-2117:30:00

CWE-94

[email protected]

web.nvd.nist.gov

341

cve-2008-5199

php

remote file inclusion

include.php

phpoutsourcing ideabox

idebox 1.1

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

High

0.132 Low

EPSS

Percentile

95.6%

JSON

PHP remote file inclusion vulnerability in include.php in PHPOutsourcing IdeaBox (aka IdeBox) 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the gorumDir parameter.

Affected configurations

NVD

Node

phpoutsourcingideaboxMatch1.1

CPENameOperatorVersion
phpoutsourcing:ideaboxphpoutsourcing ideaboxeq1.1

CPE	Name	Operator	Version
phpoutsourcing:ideabox	phpoutsourcing ideabox	eq	1.1

References

marc.info/?l=bugtraq&m=121441106806293&w=2

securityreason.com/securityalert/4642

securityvulns.ru/Ndocument286.html

www.securityfocus.com/archive/1/493666

www.securityfocus.com/bid/29944

exchange.xforce.ibmcloud.com/vulnerabilities/43374

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

High

0.132 Low

EPSS

Percentile

95.6%

JSON

Related for CVE-2008-5199

prion1 cvelist1 nvd1