Remote file inclusion

2011-11-0221:55:00

PRIOn knowledge base

www.prio-n.com

8 High

AI Score

Confidence

Low

0.078 Low

EPSS

Percentile

94.3%

JSON

PHP remote file inclusion vulnerability in ardeaCore/lib/core/ardeaInit.php in ardeaCore PHP Framework 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the pathForArdeaCore parameter. NOTE: some of these details are obtained from third party information.

CPENameOperatorVersion
ardeacore_php_frameworkeq2.2

CPE	Name	Operator	Version
	ardeacore_php_framework	eq	2.2

References

packetstormsecurity.org/1006-exploits/ardeacore-rfi.txt

secunia.com/advisories/40207

securityreason.com/securityalert/8503

www.securityfocus.com/bid/40811

www.vupen.com/english/advisories/2010/1444

www.exploit-db.com/exploits/13832/