Static code injection vulnerability in admin/admin.php in mxCamArchive 2.2 allows remote authenticated administrators to inject arbitrary PHP code into an unspecified program via the description parameter, which is executed by invocation of index.php. NOTE: some of these details are obtained from third party information.
Max CVSS
6.5
EPSS Score
0.29%
Published
2009-08-12
Updated
2017-09-29
mxCamArchive 2.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain configuration details and passwords via a direct request for archive/config.ini.
Max CVSS
7.5
EPSS Score
0.78%
Published
2009-08-12
Updated
2017-09-29
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!