CVE-2008-4329

PHP remote file inclusion vulnerability in cms/system/openengine.php in openEngine 2.0 beta4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the oe_classpath parameter.

Link	Resource
http://www.securityfocus.com/bid/31413	Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/45435
https://www.exploit-db.com/exploits/6571

Configuration 1

cpe:2.3:a:openengine:openengine:1.9_beta2:*:*:*:*:*:*:* cpe:2.3:a:openengine:openengine:1.8_beta2:*:*:*:*:*:*:* cpe:2.3:a:openengine:openengine:1.7.1:*:*:*:*:*:*:* cpe:2.3:a:openengine:openengine:1.9_beta1:*:*:*:*:*:*:* cpe:2.3:a:openengine:openengine:1.9_beta3:*:*:*:*:*:*:* cpe:2.3:a:openengine:openengine:*:*:*:*:*:*:*:*

---

Published : 2008-09-30 05:22

Updated : 2017-09-29 01:32

---

NVD link : CVE-2008-4329

Mitre link : CVE-2008-4329

No products.

CWE-20