CVEDB API

Vulnerability Details CVE-2012-5224

PHP remote file inclusion vulnerability in vb/includes/vba_cmps_include_bottom.php in vBadvanced CMPS 3.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the pages[template] parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.012

EPSS Ranking 78.0%

CVSS Severity

CVSS v2 Score 7.5

References

http://packetstormsecurity.org/files/view/109098/vbadvancedcmps-rfilfi.txt
http://www.securityfocus.com/bid/51672
http://www.vbadvanced.com/forum/showthread.php?s=c4fdb72b5c0751a056e814bf32a26ddb&t=44720
https://exchange.xforce.ibmcloud.com/vulnerabilities/72736
http://packetstormsecurity.org/files/view/109098/vbadvancedcmps-rfilfi.txt
http://www.securityfocus.com/bid/51672
http://www.vbadvanced.com/forum/showthread.php?s=c4fdb72b5c0751a056e814bf32a26ddb&t=44720
https://exchange.xforce.ibmcloud.com/vulnerabilities/72736

Products affected by CVE-2012-5224

Vbadvanced » Vbadvanced Cmps » Version: Any

cpe:2.3:a:vbadvanced:vbadvanced_cmps:*
Vbadvanced » Vbadvanced Cmps » Version: 3.2.1

cpe:2.3:a:vbadvanced:vbadvanced_cmps:3.2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-5224

Products

Pricing

Contact Us