CVE-2008-1760
Published Apr 12, 2008
Last updated 9 months ago
Overview
- Description
- Multiple PHP remote file inclusion vulnerabilities in Blogator-script before 1.01 allow remote attackers to execute arbitrary PHP code via a URL in the incl_page parameter in (1) struct_admin.php, (2) struct_admin_blog.php, and (3) struct_main.php in _blogadata/include.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 6.4
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-94
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:blogator-script:blogator-script:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F7C4C5AD-C4E8-4B3A-B1A0-ED0357332F18",
"versionEndIncluding": "1.00"
},
{
"criteria": "cpe:2.3:a:blogator-script:blogator-script:0.90:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FA3DEDEF-5E9F-448F-BF4A-455AEDC23FC4"
},
{
"criteria": "cpe:2.3:a:blogator-script:blogator-script:0.91:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4044E07B-A56F-41A5-87C2-FFB4D732BD44"
},
{
"criteria": "cpe:2.3:a:blogator-script:blogator-script:0.92:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E49B61D3-AEE9-404C-9655-E50F0D8B9AA3"
},
{
"criteria": "cpe:2.3:a:blogator-script:blogator-script:0.93:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6D37FBA4-5C3B-40E0-8F3E-CBFFA569B8ED"
},
{
"criteria": "cpe:2.3:a:blogator-script:blogator-script:0.95:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F75A63DE-A2BC-4E11-B894-3CE004BAA360"
}
],
"operator": "OR"
}
]
}
]