Phpcentral : Security vulnerabilities, CVEs

Copy

CVE-2007-4342

PHP remote file inclusion vulnerability in include.php in PHPCentral Login 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the _SERVER[DOCUMENT_ROOT] parameter. NOTE: a third party disputes this vulnerability because of the special nature of the SERVER superglobal array.

Max CVSS

7.5

EPSS Score

2.04%

Published

2007-08-14

Updated

2018-10-15

CVE-2007-4339

Multiple PHP remote file inclusion vulnerabilities in PHPCentral Poll Script 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the _SERVER[DOCUMENT_ROOT] parameter in (1) poll.php and (2) pollarchive.php. NOTE: a reliable third party states that this issue is resultant from a variable extraction error in functions.php.

Max CVSS

7.5

EPSS Score

2.17%

Published

2007-08-14

Updated

2018-10-15

2 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!