Vulnerabilities > CVE-2004-1820 - Multiple vulnerability in Warpspeed 4Nalbum Module 0.92

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
warpspeed
exploit available
NVD
Published: 2004-03-15
Updated: 2017-07-11

Summary

PHP remote file inclusion vulnerability in displaycategory.php in 4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attackers to execute arbitrary PHP code by modifying the basepath parameter to reference a URL on a remote web server that contains fileFunctions.php.

Vulnerable Configurations

Part Description Count
Application
Warpspeed
1

Exploit-Db

descriptionWarpSpeed 4nAlbum Module 0.92 displaycategory.php basepath Parameter Remote File Inclusion. CVE-2004-1820. Webapps exploit for php platform
idEDB-ID:23815
last seen2016-02-02
modified2004-03-15
published2004-03-15
reporterJanek Vind
sourcehttps://www.exploit-db.com/download/23815/
titleWarpSpeed 4nAlbum Module 0.92 displaycategory.php basepath Parameter Remote File Inclusion

References