Bolinos : Security Vulnerabilities, CVEs, CVSS score >= 5
BolinOS 4.6.1 allows remote attackers to obtain sensitive information via a direct request to system/actionspages/_b/contentFiles/gBphpInfo.php, which calls the phpinfo function.
Max CVSS
5.0
EPSS Score
0.47%
Published
2008-03-31
Updated
2018-10-11
Directory traversal vulnerability in system/_b/contentFiles/gbincluder.php in BolinOS 4.6.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the _bFileToInclude parameter.
Max CVSS
6.8
EPSS Score
0.74%
Published
2008-03-31
Updated
2018-10-11
PHP remote file inclusion vulnerability in system/_b/contentFiles/gBHTMLEditor.php in BolinOS 4.5.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gBRootPath parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
Max CVSS
7.5
EPSS Score
1.15%
Published
2006-09-19
Updated
2017-07-20
PHP remote file inclusion vulnerability in system/_b/contentFiles/gBIndex.php in BolinOS 4.5.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the gBRootPath parameter.
Max CVSS
5.1
EPSS Score
11.23%
Published
2006-09-19
Updated
2018-10-17
4 vulnerabilities found