Lucene search

[email protected]CVE-2008-1069

HistoryFeb 28, 2008 - 9:44 p.m.

CVE-2008-1069

2008-02-2821:44:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2008-1069

quantum game library

php

remote file inclusion

security vulnerability

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.026 Low

EPSS

Percentile

90.4%

JSON

Multiple PHP remote file inclusion vulnerabilities in Quantum Game Library 0.7.2c allow remote attackers to execute arbitrary PHP code via a URL in the CONFIG[gameroot] parameter to (1) server_request.php and (2) qlib/smarty.inc.php.

Affected configurations

NVD

Node

quantum_game_libraryquantum_game_libraryMatch0.7.2c

CPENameOperatorVersion
quantum_game_library:quantum_game_libraryquantum game libraryeq0.7.2c

CPE	Name	Operator	Version
quantum_game_library:quantum_game_library	quantum game library	eq	0.7.2c

References

secunia.com/advisories/29077

www.securityfocus.com/bid/27945

exchange.xforce.ibmcloud.com/vulnerabilities/40776

www.exploit-db.com/exploits/5174

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.026 Low

EPSS

Percentile

90.4%

JSON

Related for CVE-2008-1069

nvd1 prion1 canvas1 cvelist1