Vulnerabilities > CVE-2004-0132 - Unspecified vulnerability in Visualshapers Ezcontents
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple PHP remote file inclusion vulnerabilities in ezContents 2.0.2 and earlier allow remote attackers to execute arbitrary PHP code from a remote web server, as demonstrated using (1) the GLOBALS[rootdp] parameter to db.php, or (2) the GLOBALS[language_home] parameter to archivednews.php, and a malicious version of lang_admin.php.
Vulnerable Configurations
Exploit-Db
description VisualShapers ezContents 1.x/2.0 db.php Arbitrary File Inclusion. CVE-2004-0132. Webapps exploit for php platform id EDB-ID:23683 last seen 2016-02-02 modified 2004-02-11 published 2004-02-11 reporter Cedric Cochin source https://www.exploit-db.com/download/23683/ title VisualShapers ezContents 1.x/2.0 db.php Arbitrary File Inclusion description VisualShapers ezContents 1.x/2.0 archivednews.php Arbitrary File Inclusion. CVE-2004-0132. Webapps exploit for php platform id EDB-ID:23684 last seen 2016-02-02 modified 2004-02-11 published 2004-02-11 reporter Cedric Cochin source https://www.exploit-db.com/download/23684/ title VisualShapers ezContents 1.x/2.0 archivednews.php Arbitrary File Inclusion