Savewebportal Savewebportal : Security vulnerabilities, CVEs

Copy

CVE-2005-2687

PHP remote file inclusion vulnerability in SaveWebPortal 3.4 allows remote attackers to execute arbitrary PHP code via the (1) SITE_Path parameter to menu_dx.php or (2) CONTENTS_Dir parameter to menu_sx.php.

Max CVSS

7.5

EPSS Score

2.48%

Published

2005-08-24

Updated

2017-07-11

CVE-2005-2686

Directory traversal vulnerability in SaveWebPortal 3.4 allows remote attackers to include arbitrary files and execute arbitrary local PHP programs via ".." sequences in the (1) SITE_Path parameter to menu_dx.php or (2) CONTENTS_Dir parameter to menu_sx.php.

Max CVSS

7.5

EPSS Score

0.44%

Published

2005-08-24

Updated

2008-09-05

CVE-2005-2685

SaveWebPortal 3.4 allows remote attackers to execute arbitrary PHP code via a direct request to admin/PhpMyExplorer/editerfichier.php, then editing the desired file to contain the PHP code, as demonstrated using header.php in the fichier parameter. NOTE: it is possible that this vulnerability stems from PhpMyExplorer, which is a separate package.

Max CVSS

7.5

EPSS Score

0.44%

Published

2005-08-24

Updated

2008-09-05

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!