Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4134

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-4134
Last Modified 19 Aug 2009 01:19:27
Published 19 Sep 2008 01:15:05
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-4134

Summary

PHP remote file inclusion vulnerability in manager/static/view.php in phpRealty 0.03 and earlier, and possibly other versions before 0.05, allows remote attackers to execute arbitrary PHP code via a URL in the INC parameter.

Vulnerable Systems

Application

  • Phprealty 0.021

  • Phprealty 0.022

  • Phprealty 0.023

  • Phprealty 0.03


References

XF - phprealty-view-file-include(45181)

VUPEN - ADV-2008-2611

BID - 31213

MILW0RM - 6473

SREASON - 4277

SECUNIA - 31874

CONFIRM - http://php-realty.com/


Last Updated: 27 May 2016 10:48:24