Vulnerability Details CVE-2008-5694
PHP remote file inclusion vulnerability in lib/jpgraph/jpgraph_errhandler.inc.php in Sandbox 1.4.1 might allow remote attackers to execute arbitrary PHP code via unspecified vectors. NOTE: the issue, if any, may be located in Aditus JpGraph rather than Sandbox. If so, then this should not be treated as an issue in Sandbox.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.7%
CVSS Severity
CVSS v2 Score 10.0
References
- http://www.by-f10.com/bug.txt
- http://www.securityfocus.com/archive/1/487903/100/200/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47688
- http://www.by-f10.com/bug.txt
- http://www.securityfocus.com/archive/1/487903/100/200/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47688