Lucene search
OpenJS FoundationFRIENDSOFPHP:IISOFT:YII:CVE-2014-4672HistoryJun 30, 2014 - 7:15 a.m.
The CDetailView widget allows remote attackers to execute arbitrary PHP scripts via vectors related to the value property
2014-06-3007:15:00
OpenJS Foundation
github.com
3
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.2 High
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
77.7%
Affected configurations
Node
yiisoftyiiRange<1.1.15
| CPE | Name | Operator | Version |
|---|---|---|---|
| yiisoft/yii | lt | 1.1.15 |
Related
nvd
nvd
CVE-2014-4672
2014-07-03 17:55:06
cve
cve
CVE-2014-4672
2014-07-03 17:55:06
github
github
Yii PHP Framework arbitrary PHP scripts execution
2022-05-17 04:38:57
freebsd
freebsd
yii -- Remote arbitrary PHP code execution
2014-07-03 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2017-07-30 07:52:29
prion
prion
Code injection
2014-07-03 17:55:00
osv
osv
Yii PHP Framework arbitrary PHP scripts execution
2022-05-17 04:38:57
nessus
nessus
cvelist
cvelist
CVE-2014-4672
2014-07-03 17:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.2 High
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
77.7%
Related for FRIENDSOFPHP:IISOFT:YII:CVE-2014-4672