Vulnerability Details CVE-2004-0285
PHP remote file inclusion vulnerabilities in include/footer.inc.php in (1) AllMyVisitors, (2) AllMyLinks, and (3) AllMyGuests allow remote attackers to execute arbitrary PHP code via a URL in the _AMVconfig[cfg_serverpath] parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.299
EPSS Ranking 96.5%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- http://marc.info/?l=bugtraq&m=107696209514155&w=2
- http://marc.info/?l=bugtraq&m=107696235424865&w=2
- http://marc.info/?l=bugtraq&m=107696291728750&w=2
- http://www.osvdb.org/6721
- http://www.securityfocus.com/bid/9664
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15226
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15227
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15228
- http://marc.info/?l=bugtraq&m=107696209514155&w=2
- http://marc.info/?l=bugtraq&m=107696235424865&w=2
- http://marc.info/?l=bugtraq&m=107696291728750&w=2
- http://www.osvdb.org/6721
- http://www.securityfocus.com/bid/9664
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15226
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15227
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15228
Products affected by CVE-2004-0285
-
cpe:2.3:a:allmyguests_project:allmyguests:0.1.2
-
cpe:2.3:a:allmyguests_project:allmyguests:0.3
-
cpe:2.3:a:allmyguests_project:allmyguests:0.4
-
cpe:2.3:a:allmyguests_project:allmyguests:0.4.1
-
cpe:2.3:a:allmylinks_project:allmylinks:0.3
-
cpe:2.3:a:allmylinks_project:allmylinks:0.4
-
cpe:2.3:a:allmylinks_project:allmylinks:0.4.1
-
cpe:2.3:a:allmylinks_project:allmylinks:0.4.3
-
cpe:2.3:a:allmylinks_project:allmylinks:0.4.4
-
cpe:2.3:a:allmylinks_project:allmylinks:0.4.9
-
cpe:2.3:a:allmylinks_project:allmylinks:0.5
-
cpe:2.3:a:allmyvisitors_project:allmyvisitors:0.3
-
cpe:2.3:a:allmyvisitors_project:allmyvisitors:0.4