CVSS: 9.8EPSS: 10%CPEs: 1EXPL: 2CVE-2007-2456 – Firefly 1.1.01 - 'doc_root' Remote File Inclusion
https://notcve.org/view.php?id=CVE-2007-2456
02 May 2007 — Multiple PHP remote file inclusion vulnerabilities in FireFly 1.1.01 allow remote attackers to execute arbitrary PHP code via a URL in the doc_root parameter to (1) localize.php or (2) config.php in modules/admin/include/. Múltiples vulnerabilidades de inclusión remota de archivo en PHP en FireFly 1.1.01 permite a atacantes remotos ejecutar código PHP de su elección a través de una URL en el parámetro doc_root en (1) localize.php o (2) config.php en modules/admin/include/. • https://www.exploit-db.com/exploits/3805 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2005-1808
https://notcve.org/view.php?id=CVE-2005-1808
30 May 2005 — Firefly Studios Stronghold 2 1.2 and earlier allows remote attackers to cause a denial of service (crash) via a packet with a large size value for the nickname, which causes a memory allocation failure and generates an exception. • http://aluigi.altervista.org/adv/strong2boom-adv.txt •