Vulnerability Details CVE-2004-1582
PHP remote file inclusion vulnerability in BlackBoard 1.5.1 allows remote attackers to execute arbitrary PHP code by modifying the libpath parameter (incorrectly called "libpach") to reference a URL on a remote web server that contains _more.php, as demonstrated using checkdb.inc.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 76.8%
CVSS Severity
CVSS v2 Score 7.5
References
- http://blackboard.unclassified.de/70%2C1#1031
- http://marc.info/?l=bugtraq&m=109707701719659&w=2
- http://secunia.com/advisories/12757
- http://www.securityfocus.com/bid/11336
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17637
- http://blackboard.unclassified.de/70%2C1#1031
- http://marc.info/?l=bugtraq&m=109707701719659&w=2
- http://secunia.com/advisories/12757
- http://www.securityfocus.com/bid/11336
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17637
Products affected by CVE-2004-1582
-
cpe:2.3:a:blackboard_internet_newsboard_system:blackboard_internet_newsboard_system:1.5.1