Vulnerability Description
PHP remote file inclusion vulnerability in lib/jpgraph/jpgraph_errhandler.inc.php in Sandbox 1.4.1 might allow remote attackers to execute arbitrary PHP code via unspecified vectors. NOTE: the issue, if any, may be located in Aditus JpGraph rather than Sandbox. If so, then this should not be treated as an issue in Sandbox.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sandbox | Sandbox | 1.4.1 |
Related Weaknesses (CWE)
References
- http://www.by-f10.com/bug.txtURL Repurposed
- http://www.securityfocus.com/archive/1/487903/100/200/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47688
- http://www.by-f10.com/bug.txtURL Repurposed
- http://www.securityfocus.com/archive/1/487903/100/200/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47688
FAQ
What is CVE-2008-5694?
CVE-2008-5694 is a vulnerability with a CVSS score of 10.0 (HIGH). PHP remote file inclusion vulnerability in lib/jpgraph/jpgraph_errhandler.inc.php in Sandbox 1.4.1 might allow remote attackers to execute arbitrary PHP code via unspecified vectors. NOTE: the issue,...
How severe is CVE-2008-5694?
CVE-2008-5694 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-5694?
Check the references section above for vendor advisories and patch information. Affected products include: Sandbox Sandbox.