CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-7000

PHP remote file inclusion vulnerability in index.php in PHPAuction 3.2 allows remote attackers to execute arbitrary PHP code via a URL in the lan parameter. NOTE: this might be related to CVE-2005-2255.1.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 71.8%

CVSS Severity

CVSS v2 Score 7.5

References

http://packetstorm.linuxsecurity.com/0809-exploits/phpauction32-rfi.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/44938
http://packetstorm.linuxsecurity.com/0809-exploits/phpauction32-rfi.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/44938

Products affected by CVE-2008-7000

Phpauction » Phpauction » Version: 3.2

cpe:2.3:a:phpauction:phpauction:3.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-7000

Products

Pricing

Contact Us