CVE-2008-4134

2008-09-1917:04:00

mitre

www.cve.org

7.6 High

AI Score

Confidence

High

0.085 Low

EPSS

Percentile

94.5%

JSON

PHP remote file inclusion vulnerability in manager/static/view.php in phpRealty 0.03 and earlier, and possibly other versions before 0.05, allows remote attackers to execute arbitrary PHP code via a URL in the INC parameter.

References

php-realty.com/

secunia.com/advisories/31874

securityreason.com/securityalert/4277

www.securityfocus.com/bid/31213

www.vupen.com/english/advisories/2008/2611

exchange.xforce.ibmcloud.com/vulnerabilities/45181

www.exploit-db.com/exploits/6473