CVE-2008-1860
published 2008-04-17CVE-2008-1860: Static code injection vulnerability in admin.php in LokiCMS 0.3.3 and earlier allows remote attackers to inject arbitrary PHP code into includes/Config.php via…
PriorityP348critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
3.05%
85.9th percentile
Static code injection vulnerability in admin.php in LokiCMS 0.3.3 and earlier allows remote attackers to inject arbitrary PHP code into includes/Config.php via the default parameter.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lokicms | lokicms | <= 0.3.3 | — |
| lokicms | lokicms | — | — |
| lokicms | lokicms | — | — |
| lokicms | lokicms | — | — |
| lokicms | lokicms | — | — |
| lokicms | lokicms | — | — |
| lokicms | lokicms | — | — |
| lokicms | lokicms | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/29749http://www.securityfocus.com/archive/1/492877/100/0/threadedhttp://www.vupen.com/english/advisories/2008/1162/referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/41736https://www.exploit-db.com/exploits/5408http://secunia.com/advisories/29749http://www.securityfocus.com/archive/1/492877/100/0/threadedhttp://www.vupen.com/english/advisories/2008/1162/referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/41736https://www.exploit-db.com/exploits/5408
2008-04-17
Published