Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2015-2945
HistoryMay 25, 2015 - 5:59 p.m.

CVE-2015-2945

2015-05-2517:59:04
CWE-94
[email protected]
web.nvd.nist.gov
20
cve-2015-2945
hajime fujimoto
mt-phpincgi
php object injection
remote attackers
security vulnerability
nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.5%

JSON

mt-phpincgi.php in Hajime Fujimoto mt-phpincgi before 2015-05-15 does not properly restrict URLs, which allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted request, as exploited in the wild in May 2015.

Affected configurations

NVD
Node
h-fjmt-phpincgiMatch-
CPENameOperatorVersion
h-fj:mt-phpincgih-fj mt-phpincgieq-

Related

jvn 1
prion 1
cvelist 1
nvd 1
jvn
jvn
JVN#64459670: mt-phpincgi vulnerable to PHP object injection
2015-05-20 00:00:00
prion
prion
Design/Logic Flaw
2015-05-25 17:59:00
cvelist
cvelist
CVE-2015-2945
2015-05-25 17:00:00
nvd
nvd
CVE-2015-2945
2015-05-25 17:59:04

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.5%

JSON
Related for CVE-2015-2945
jvn1prion1cvelist1nvd1