Test Kennung:	1.3.6.1.4.1.25623.1.0.12021
Kategorie:	Web application abuses
Titel:	Remote Code Execution in ezContents
Zusammenfassung:	ezContents has been found to contain a vulnerability that would; allow a remote attacker to cause the PHP script to include an external PHP file and execute its content.
Beschreibung:	Summary: ezContents has been found to contain a vulnerability that would allow a remote attacker to cause the PHP script to include an external PHP file and execute its content. Vulnerability Impact: This would allow an attacker to cause the server to execute arbitrary code. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	BugTraq ID: 9396 Common Vulnerability Exposure (CVE) ID: CVE-2004-0070 http://www.securityfocus.com/bid/9396 Bugtraq: 20040110 Remote Code Execution in ezContents (Google Search) http://marc.info/?l=bugtraq&m=107392588915627&w=2 http://www.osvdb.org/6878 XForce ISS Database: ezcontents-php-file-include(14199) https://exchange.xforce.ibmcloud.com/vulnerabilities/14199
Copyright	Copyright (C) 2004 Noam Rathaus

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.