CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-6983

modules/tool/hitcounter.php in devalcms 1.4a allows remote attackers to execute arbitrary PHP code via the HTTP Referer header with a target file specified in the gv_folder_data parameter, as demonstrated by modifying modules/tool/url2header.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.013

EPSS Ranking 79.0%

CVSS Severity

CVSS v2 Score 7.5

References

http://osvdb.org/47972
http://www.securityfocus.com/bid/31037
https://exchange.xforce.ibmcloud.com/vulnerabilities/44942
https://www.exploit-db.com/exploits/6369
http://osvdb.org/47972
http://www.securityfocus.com/bid/31037
https://exchange.xforce.ibmcloud.com/vulnerabilities/44942
https://www.exploit-db.com/exploits/6369

Products affected by CVE-2008-6983

Devalcms » Devalcms » Version: 1.4a

cpe:2.3:a:devalcms:devalcms:1.4a

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-6983

Products

Pricing

Contact Us