Multiple PHP remote file inclusion vulnerabilities in Portail Web Php 2.5.1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the site_path parameter to (1) Vert/index.php, (2) Noir/index.php, and (3) Bleu/index.php in template/, different vectors than CVE-2008-0645.
References
Configurations
History
21 Nov 2024, 00:43
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/27962 - | |
References | () https://www.exploit-db.com/exploits/5182 - |
Information
Published : 2008-02-28 21:44
Updated : 2024-11-21 00:43
NVD link : CVE-2008-1068
Mitre link : CVE-2008-1068
CVE.ORG link : CVE-2008-1068
JSON object : View
Products Affected
portail_web_php
- portail_web_php
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')