Lucene search

[email protected]CVE-2008-3401

HistoryJul 31, 2008 - 4:41 p.m.

CVE-2008-3401

2008-07-3116:41:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2008-3401

php

remote file inclusion

hiox random ad

hra

vulnerability

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

High

0.085 Low

EPSS

Percentile

94.5%

JSON

PHP remote file inclusion vulnerability in hioxRandomAd.php in HIOX Random Ad (HRA) 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the hm parameter.

Affected configurations

NVD

Node

hscriptshiox_random_adMatch1.3

CPENameOperatorVersion
hscripts:hiox_random_adhscripts hiox random adeq1.3

CPE	Name	Operator	Version
hscripts:hiox_random_ad	hscripts hiox random ad	eq	1.3

References

secunia.com/advisories/31300

securityreason.com/securityalert/4082

www.securityfocus.com/archive/1/494927/100/0/threaded

www.securityfocus.com/bid/30435

exchange.xforce.ibmcloud.com/vulnerabilities/44061

www.exploit-db.com/exploits/6161

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

High

0.085 Low

EPSS

Percentile

94.5%

JSON

Related for CVE-2008-3401

nvd1 cvelist1 prion1