Remote file inclusion

2009-03-0611:30:00

PRIOn knowledge base

www.prio-n.com

8.1 High

AI Score

Confidence

Low

0.024 Low

EPSS

Percentile

89.9%

JSON

PHP remote file inclusion vulnerability in hu/modules/reg-new/modstart.php in Sofi WebGui 0.6.3 PRE and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mod_dir parameter.

CPENameOperatorVersion
sofi_webguieq<= 0.6.3pre
sofi_webguieq0.5.2
sofi_webguieq0.4.2
sofi_webguieq0.6.0-pre

Name	Operator	Version
sofi_webgui	eq	<= 0.6.3pre
sofi_webgui	eq	0.5.2
sofi_webgui	eq	0.4.2
sofi_webgui	eq	0.6.0-pre

References

www.securityfocus.com/bid/31341

exchange.xforce.ibmcloud.com/vulnerabilities/45380

www.exploit-db.com/exploits/6539