Vulnerability Details CVE-2008-4624
PHP remote file inclusion vulnerability in init.php in Fast Click SQL Lite 1.1.7, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the CFG[CDIR] parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.028
EPSS Ranking 85.7%
CVSS Severity
CVSS v2 Score 9.3
References
- http://secunia.com/advisories/32328
- http://securityreason.com/securityalert/4454
- http://www.securityfocus.com/bid/31817
- http://www.vupen.com/english/advisories/2008/2861
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45964
- https://www.exploit-db.com/exploits/6785
- http://secunia.com/advisories/32328
- http://securityreason.com/securityalert/4454
- http://www.securityfocus.com/bid/31817
- http://www.vupen.com/english/advisories/2008/2861
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45964
- https://www.exploit-db.com/exploits/6785
Products affected by CVE-2008-4624
-
cpe:2.3:a:ftrsoft:fast_click_sql_lite:1.1.7