Podatność CVE-2016-6174

Podatność CVE-2016-6174

Publikacja: 2016-07-12

Opis:

	Tytuł	Autor	Data
High	IPS Community Suite 4.1.12.3 PHP Code Injection	Egidio Romano	09.07.2016

Typ:

(Improper Control of Generation of Code ('Code Injection'))

Ogólna skala CVSS	Znaczenie	Łatwość wykorzystania
6.8/10	6.4/10	8.6/10

Affected software
PHP -> PHP
Invisionpower -> Invision power board

http://karmainsecurity.com/KIS-2016-11

http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html

http://packetstormsecurity.com/files/137804/IPS-Community-Suite-4.1.12.3-PHP-Code-Injection.html

http://seclists.org/fulldisclosure/2016/Jul/19

http://www.securityfocus.com/bid/91732

https://invisionpower.com/release-notes/4113-r44/

https://support.apple.com/HT207170

https://www.exploit-db.com/exploits/40084/