CVE-2004-0132 in ezContentsinfo

Summary

Multiple PHP remote file inclusion vulnerabilities in ezContents 2.0.2 and earlier allow remote attackers to execute arbitrary PHP code from a remote web server, as demonstrated using (1) the GLOBALS[rootdp] parameter to db.php, or (2) the GLOBALS[language_home] parameter to archivednews.php, and a malicious version of lang_admin.php.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Disclosure

03/03/2004

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-269 (Confirmed)

Exploit

Download

CVSS

7.3

EPSS

0.01437

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2004-0132
NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-0132
CVE Details	https://www.cvedetails.com/cve/CVE-2004-0132/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!