Remote file inclusion

2008-12-3020:30:00

PRIOn knowledge base

www.prio-n.com

8 High

AI Score

Confidence

Low

0.018 Low

EPSS

Percentile

88.1%

JSON

PHP remote file inclusion vulnerability in calendar.php in WorkSimple 1.2.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter.

CPENameOperatorVersion
worksimpleeq1.2.1

CPE	Name	Operator	Version
	worksimple	eq	1.2.1

References

osvdb.org/50726

secunia.com/advisories/33163

securityreason.com/securityalert/4831

www.securityfocus.com/bid/32849

exchange.xforce.ibmcloud.com/vulnerabilities/47361

www.exploit-db.com/exploits/7481