Vulnerabilities > CVE-2005-0698 - Remote File Include vulnerability in Jason Hines PHPWebLog
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
PHP remote file inclusion vulnerability in PHPWebLog 0.5.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the (1) G_PATH parameter to init.inc.php or the (2) PATH parameter to index.php to reference a URL on a remote web server that contains the code.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 5 |
Exploit-Db
description | phpWebLog <= 0.5.3 Arbitrary File Inclusion. CVE-2005-0698. Webapps exploit for php platform |
id | EDB-ID:864 |
last seen | 2016-01-31 |
modified | 2005-03-07 |
published | 2005-03-07 |
reporter | Filip Groszynski |
source | https://www.exploit-db.com/download/864/ |
title | phpWebLog <= 0.5.3 - Arbitrary File Inclusion |