Lucene search
MitreCVE-2008-5949HistoryJan 23, 2009 - 7:00 p.m.
CVE-2008-5949
2009-01-2319:00:04
CWE-94
mitre
web.nvd.nist.gov
23
cve
php
remote file inclusion
cctiddly
vulnerability
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.8
Confidence
Low
EPSS
0.024
Percentile
90.1%
Multiple PHP remote file inclusion vulnerabilities in ccTiddly 1.7.4 and 1.7.6 allow remote attackers to execute arbitrary PHP code via a URL in the cct_base parameter to (1) index.php; (2) handle/proxy.php; (3) header.php, (4) include.php, and (5) workspace.php in includes/; and (6) plugins/RSS/files/rss.php.
Affected configurations
Node
tiddlywikicctiddlyMatch1.7.4
ORtiddlywikicctiddlyMatch1.7.6
| Vendor | Product | Version | CPE |
|---|---|---|---|
| tiddlywiki | cctiddly | 1.7.4 | cpe:2.3:a:tiddlywiki:cctiddly:1.7.4:*:*:*:*:*:*:* |
| tiddlywiki | cctiddly | 1.7.6 | cpe:2.3:a:tiddlywiki:cctiddly:1.7.6:*:*:*:*:*:*:* |
Related
openvas
openvas
ccTiddly 'cct_base' Parameter Multiple Remote File Include Vulnerabilities
2010-09-01 00:00:00
ccTiddly <= 1.7.6 Multiple RFI Vulnerabilities
2010-09-01 00:00:00
prion
prion
Remote file inclusion
2009-01-23 19:00:00
exploitdb
exploitdb
ccTiddly 1.7.6 - Multiple Remote File Inclusions
2010-08-05 00:00:00
ccTiddly 1.7.4 - 'cct_base' Remote File Inclusion
2008-12-04 00:00:00
cvelist
cvelist
CVE-2008-5949
2009-01-23 18:38:00
nvd
nvd
CVE-2008-5949
2009-01-23 19:00:04
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.8
Confidence
Low
EPSS
0.024
Percentile
90.1%
Related for CVE-2008-5949