Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2008-5167

Published: 19/11/2008 Updated: 29/09/2017
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 935
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Boonex

Vulnerability Summary

PHP remote file inclusion vulnerability in layout/default/params.php in Boonex Orca 2.0 and 2.0.2, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the gConf[dir][layouts] parameter.

Vulnerable Product Search on Vulmon Subscribe to Product

boonex orca 2.0

boonex orca 2.0.2

Exploits

Exploit DB: Orca 2.0/2.0.2 - 'params.php?gConf[dir][layouts]' Remote File Inclusion
##################################################################### # # Orca - Interactive Forum Script Remote File Inclusion Vulnerability # ##################################################################### # # Discovered by : Ciph3r # # # MAIL : Ciph3r_blackhat@yahoocom # # # SP tanx4: Iranian hacker & Kurdish security TEAM # # sp TANX ...

References

CWE-94http://secunia.com/advisories/30855http://www.securityfocus.com/bid/29974http://securityreason.com/securityalert/4616https://www.exploit-db.com/exploits/6282https://www.exploit-db.com/exploits/5955https://nvd.nist.govhttps://www.exploit-db.com/exploits/5955/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333CVE-2024-33901CVE-2024-36001CVE-2024-2835firewallXPath injectionauthentication bypassCVE-2024-22120CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook