Lucene search
K

4 matches found

Prion
Prion
added 2007/04/25 5:19 p.m.18 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Download-Engine 1.4.3 allow remote attackers to execute arbitrary PHP code via a URL in the 1 engdir parameter to addmember.php, 2 langpath parameter to admin/enginelib/class.phpmailer.php, and the 3 spawroot parameter to...

7.5CVSS7.7AI score0.04499EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2007/04/25 5:19 p.m.15 views

CVE-2007-2255

Multiple PHP remote file inclusion vulnerabilities in Download-Engine 1.4.3 allow remote attackers to execute arbitrary PHP code via a URL in the 1 engdir parameter to addmember.php, 2 langpath parameter to admin/enginelib/class.phpmailer.php, and the 3 spawroot parameter to...

7.5CVSS7.3AI score0.01744EPSS
Exploits0References6
Cvelist
Cvelist
added 2007/04/25 5:0 p.m.25 views

CVE-2007-2255

Multiple PHP remote file inclusion vulnerabilities in Download-Engine 1.4.3 allow remote attackers to execute arbitrary PHP code via a URL in the 1 engdir parameter to addmember.php, 2 langpath parameter to admin/enginelib/class.phpmailer.php, and the 3 spawroot parameter to...

7.3AI score0.01744EPSS
Exploits0References6
CVE
CVE
added 2007/04/25 5:0 p.m.59 views

CVE-2007-2255

CVE-2007-2255 affects Download-Engine 1.4.3 and describes multiple PHP remote file inclusion vulnerabilities. The vulnerabilities allow an attacker to supply a URL in parameters (eng_dir to addmember.php, lang_path to admin/enginelib/class.phpmailer.php, and spaw_root to admin/includes/spaw/dialo...

7.5CVSS7.4AI score0.01744EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder