Savewebportal » Savewebportal : Security Vulnerabilities, CVEs, CVSS score >= 7
PHP remote file inclusion vulnerability in SaveWebPortal 3.4 allows remote attackers to execute arbitrary PHP code via the (1) SITE_Path parameter to menu_dx.php or (2) CONTENTS_Dir parameter to menu_sx.php.
Max CVSS
7.5
EPSS Score
2.48%
Published
2005-08-24
Updated
2017-07-11
Directory traversal vulnerability in SaveWebPortal 3.4 allows remote attackers to include arbitrary files and execute arbitrary local PHP programs via ".." sequences in the (1) SITE_Path parameter to menu_dx.php or (2) CONTENTS_Dir parameter to menu_sx.php.
Max CVSS
7.5
EPSS Score
0.44%
Published
2005-08-24
Updated
2008-09-05
SaveWebPortal 3.4 allows remote attackers to execute arbitrary PHP code via a direct request to admin/PhpMyExplorer/editerfichier.php, then editing the desired file to contain the PHP code, as demonstrated using header.php in the fichier parameter. NOTE: it is possible that this vulnerability stems from PhpMyExplorer, which is a separate package.
Max CVSS
7.5
EPSS Score
0.44%
Published
2005-08-24
Updated
2008-09-05
3 vulnerabilities found