Phpcentral : Security Vulnerabilities, CVEs,
PHP remote file inclusion vulnerability in include.php in PHPCentral Login 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the _SERVER[DOCUMENT_ROOT] parameter. NOTE: a third party disputes this vulnerability because of the special nature of the SERVER superglobal array.
Max CVSS
7.5
EPSS Score
2.04%
Published
2007-08-14
Updated
2018-10-15
Multiple PHP remote file inclusion vulnerabilities in PHPCentral Poll Script 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the _SERVER[DOCUMENT_ROOT] parameter in (1) poll.php and (2) pollarchive.php. NOTE: a reliable third party states that this issue is resultant from a variable extraction error in functions.php.
Max CVSS
7.5
EPSS Score
2.17%
Published
2007-08-14
Updated
2018-10-15
2 vulnerabilities found