Lucene search

K
nvd[email protected]NVD:CVE-2008-4719
HistoryOct 23, 2008 - 8:00 p.m.

CVE-2008-4719

2008-10-2320:00:01
CWE-94
web.nvd.nist.gov
3
php
file inclusion
vulnerability

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

Low

EPSS

0.026

Percentile

90.5%

PHP remote file inclusion vulnerability in cms/classes/openengine/filepool.php in openEngine 2.0 beta2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the oe_classpath parameter, a different vector than CVE-2008-4329.

Affected configurations

Nvd
Node
openengineopenengineMatch2.0beta2
VendorProductVersionCPE
openengineopenengine2.0cpe:2.3:a:openengine:openengine:2.0:beta2:*:*:*:*:*:*

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

Low

EPSS

0.026

Percentile

90.5%

Related for NVD:CVE-2008-4719