CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
High
EPSS
Percentile
94.9%
PHP remote file inclusion vulnerability in movie_cls.php in Built2Go PHP Movie Review 2B and earlier allows remote attackers to execute arbitrary PHP code via a URL in the full_path parameter.
Vendor | Product | Version | CPE |
---|---|---|---|
built2go | movie_review | 1a | cpe:2.3:a:built2go:movie_review:1a:*:*:*:*:*:*:* |
built2go | movie_review | 2a | cpe:2.3:a:built2go:movie_review:2a:*:*:*:*:*:*:* |
built2go | movie_review | 2b | cpe:2.3:a:built2go:movie_review:2b:*:*:*:*:*:*:* |