Remote file inclusion

2008-09-1917:15:00

PRIOn knowledge base

www.prio-n.com

8.1 High

AI Score

Confidence

Low

0.085 Low

EPSS

Percentile

94.5%

JSON

PHP remote file inclusion vulnerability in manager/static/view.php in phpRealty 0.03 and earlier, and possibly other versions before 0.05, allows remote attackers to execute arbitrary PHP code via a URL in the INC parameter.

CPENameOperatorVersion
phprealtyeq0.021
phprealtyeq0.022
phprealtyle0.03
phprealtyeq0.023

Name	Operator	Version
phprealty	eq	0.021
phprealty	eq	0.022
phprealty	le	0.03
phprealty	eq	0.023

References

php-realty.com/

secunia.com/advisories/31874

securityreason.com/securityalert/4277

www.securityfocus.com/bid/31213

www.vupen.com/english/advisories/2008/2611

exchange.xforce.ibmcloud.com/vulnerabilities/45181

www.exploit-db.com/exploits/6473