CVE-2008-3308

2008-07-2516:00:00

mitre

www.cve.org

7.5 High

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.2%

JSON

PHP remote file inclusion vulnerability in cuenta/cuerpo.php in C. Desseno YouTube Blog (ytb) 0.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the base_archivo parameter.

References

secunia.com/advisories/31161

securityreason.com/securityalert/4037

www.securityfocus.com/bid/30345

exchange.xforce.ibmcloud.com/vulnerabilities/43952

www.exploit-db.com/exploits/6117