Vulnerabilities > CVE-2004-1820 - Multiple vulnerability in Warpspeed 4Nalbum Module 0.92
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
PHP remote file inclusion vulnerability in displaycategory.php in 4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attackers to execute arbitrary PHP code by modifying the basepath parameter to reference a URL on a remote web server that contains fileFunctions.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | WarpSpeed 4nAlbum Module 0.92 displaycategory.php basepath Parameter Remote File Inclusion. CVE-2004-1820. Webapps exploit for php platform |
id | EDB-ID:23815 |
last seen | 2016-02-02 |
modified | 2004-03-15 |
published | 2004-03-15 |
reporter | Janek Vind |
source | https://www.exploit-db.com/download/23815/ |
title | WarpSpeed 4nAlbum Module 0.92 displaycategory.php basepath Parameter Remote File Inclusion |