Lucene search

[email protected]CVE-2008-5764

HistoryDec 30, 2008 - 8:30 p.m.

CVE-2008-5764

2008-12-3020:30:01

CWE-94

[email protected]

web.nvd.nist.gov

cve-2008-5764

php

remote file inclusion

vulnerability

worksimple 1.2.1

register_globals

lang parameter

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.2%

JSON

PHP remote file inclusion vulnerability in calendar.php in WorkSimple 1.2.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter.

Affected configurations

NVD

Node

2500mhzworksimpleMatch1.2.1

CPENameOperatorVersion
2500mhz:worksimple2500mhz worksimpleeq1.2.1

CPE	Name	Operator	Version
2500mhz:worksimple	2500mhz worksimple	eq	1.2.1

References

osvdb.org/50726

secunia.com/advisories/33163

securityreason.com/securityalert/4831

www.securityfocus.com/bid/32849

exchange.xforce.ibmcloud.com/vulnerabilities/47361

www.exploit-db.com/exploits/7481

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.2%

JSON

Related for CVE-2008-5764

prion1 cvelist1 canvas1 nvd1