NVD

Id
2588  
Name
CVE-2008-2690  
Description
Multiple PHP remote file inclusion vulnerabilities in BrowserCRM 5.002.00, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the bcrm_pub_root parameter to (1) kb.php, (2) login.php, (3) index.php, (4) contact_view.php, and (5) contact.php in pub/, different vectors than CVE-2008-2689. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-03  
Published
2008-06-13  
Modified Date
2009-04-08  
Seq
2008-2690  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
16273 2588 CVE-2008-2690 browsercrm-bcrmpubroot-file-include(42922)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
47846 JVNDB-2008-003156 BrowserCRM における PHP リモートファイルインクルージョンの脆弱性 BrowserCRM には、register_globals が有効になっている際、PHP リモートファイルインクルージョンの脆弱性が存在します。 CVE-2008-2690 32803 CVE-2008-2690 2588 9.3 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-003156.html 2008-06-13 2012-06-26 View