Vulnerabilities > CVE-2004-0132 - Unspecified vulnerability in Visualshapers Ezcontents

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

visualshapers

exploit available

NVD

Published: 2004-03-03

Updated: 2024-11-20

Summary

Multiple PHP remote file inclusion vulnerabilities in ezContents 2.0.2 and earlier allow remote attackers to execute arbitrary PHP code from a remote web server, as demonstrated using (1) the GLOBALS[rootdp] parameter to db.php, or (2) the GLOBALS[language_home] parameter to archivednews.php, and a malicious version of lang_admin.php.

Vulnerable Configurations

Part	Description	Count
Application	Visualshapers Visualshapers Ezcontents 1.45 Visualshapers Ezcontents 2.0_Rc2 Visualshapers Ezcontents 1.40 Visualshapers Ezcontents 1.41 Visualshapers Ezcontents 1.43 Visualshapers Ezcontents 1.45B Visualshapers Ezcontents 2.0.2 Visualshapers Ezcontents 1.44 Visualshapers Ezcontents 2.0.1 Visualshapers Ezcontents 1.42 Visualshapers Ezcontents 2.0_Rc3 Visualshapers Ezcontents 2.0_Rc1	12

Exploit-Db

description	VisualShapers ezContents 1.x/2.0 db.php Arbitrary File Inclusion. CVE-2004-0132. Webapps exploit for php platform
id	EDB-ID:23683
last seen	2016-02-02
modified	2004-02-11
published	2004-02-11
reporter	Cedric Cochin
source	https://www.exploit-db.com/download/23683/
title	VisualShapers ezContents 1.x/2.0 db.php Arbitrary File Inclusion

description	VisualShapers ezContents 1.x/2.0 archivednews.php Arbitrary File Inclusion. CVE-2004-0132. Webapps exploit for php platform
id	EDB-ID:23684
last seen	2016-02-02
modified	2004-02-11
published	2004-02-11
reporter	Cedric Cochin
source	https://www.exploit-db.com/download/23684/
title	VisualShapers ezContents 1.x/2.0 archivednews.php Arbitrary File Inclusion

Summary

Vulnerable Configurations

Exploit-Db

References