Back to search
CVE-2005-2775
Published: Sep 2, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
php_api.php in phpWebNotes 2.0.0 uses the extract function to modify key variables such as $t_path_core, which leads to a PHP file inclusion vulnerability that allows remote attackers to execute arbitrary PHP code via the t_path_core parameter.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
14679
vdb-entry
x_refsource_BID
1014807
vdb-entry
x_refsource_SECTRACK
20050827 XSS security hole in phpwebnotes.
mailing-list
x_refsource_BUGTRAQ
phpwebnotes-phpapi-file-include(22040)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now