- Description
- Direct static code injection vulnerability in ticker.db.php in Chucky A. Ivey N.T. 1.1.0 allows remote administrators to insert arbitrary PHP code into the config file, which is included other N.T. scripts.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:chucky_a._ivey:n.t.:1.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D8C9BF07-AE0E-4F8A-8BE0-CEED1764E0CB"
}
],
"operator": "OR"
}
]
}
]