Remote file inclusion

2008-01-2500:00:00

PRIOn knowledge base

www.prio-n.com

8.2 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.1%

JSON

Multiple PHP remote file inclusion vulnerabilities in BLOG:CMS 4.2.1.c allow remote attackers to execute arbitrary PHP code via a URL in the (1) DIR_PLUGINS parameter to (a) index.php, and the (2) DIR_LIBS parameter to (b) media.php and © xmlrpc/server.php in admin/.

CPENameOperatorVersion
blog_cmseq4.2.1-c

CPE	Name	Operator	Version
	blog_cms	eq	4.2.1-c

References

securityreason.com/securityalert/3576

www.securityfocus.com/archive/1/486743/100/0/threaded