Remote file inclusion

2006-04-2910:02:00

PRIOn knowledge base

www.prio-n.com

8.2 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.7%

JSON

PHP remote file inclusion vulnerability in Thumbnail AutoIndex before 2.0 allows remote attackers to execute arbitrary PHP code via (1) README.html or (2) HEADER.html.

CPENameOperatorVersion
php_thumbnail_autoindexeq1.3
php_thumbnail_autoindexeq1.2.1
php_thumbnail_autoindexeq1.4
php_thumbnail_autoindexeq1.2.4
php_thumbnail_autoindexeq1.2
php_thumbnail_autoindexeq1.0
php_thumbnail_autoindexeq1.2.3
php_thumbnail_autoindexeq1.2.2
php_thumbnail_autoindexeq1.1

Name	Operator	Version
php_thumbnail_autoindex	eq	1.3
php_thumbnail_autoindex	eq	1.2.1
php_thumbnail_autoindex	eq	1.4
php_thumbnail_autoindex	eq	1.2.4
php_thumbnail_autoindex	eq	1.2
php_thumbnail_autoindex	eq	1.0
php_thumbnail_autoindex	eq	1.2.3
php_thumbnail_autoindex	eq	1.2.2
php_thumbnail_autoindex	eq	1.1

References

staff.xiaoka.com/smoku/stuff/ThAutoIndex/ChangeLog

www.osvdb.org/24873