Lucene search
HistoryJul 03, 2014 - 5:55 p.m.
CVE-2014-4672
cve-2014-4672
cdetailview
yii php framework
remote attack
arbitrary php scripts
nvd
7.4 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
77.6%
The CDetailView widget in Yii PHP Framework 1.1.14 allows remote attackers to execute arbitrary PHP scripts via vectors related to the value property.
Affected configurations
Node
yiiframeworkyiiframeworkMatch1.1.14
| CPE | Name | Operator | Version |
|---|---|---|---|
| yiiframework:yiiframework | yiiframework | eq | 1.1.14 |
Related
github
github
Yii PHP Framework arbitrary PHP scripts execution
2022-05-17 04:38:57
nvd
nvd
CVE-2014-4672
2014-07-03 17:55:06
prion
prion
Code injection
2014-07-03 17:55:00
osv
osv
Yii PHP Framework arbitrary PHP scripts execution
2022-05-17 04:38:57
veracode
veracode
Remote Code Execution (RCE)
2017-07-30 07:52:29
friendsofphp
friendsofphp
freebsd
freebsd
yii -- Remote arbitrary PHP code execution
2014-07-03 00:00:00
nessus
nessus
cvelist
cvelist
CVE-2014-4672
2014-07-03 17:00:00
7.4 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
77.6%
Related for CVE-2014-4672