Vulnerabilities > CVE-2005-2685 - Remote Security vulnerability in Savewebportal 3.4
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
SaveWebPortal 3.4 allows remote attackers to execute arbitrary PHP code via a direct request to admin/PhpMyExplorer/editerfichier.php, then editing the desired file to contain the PHP code, as demonstrated using header.php in the fichier parameter. NOTE: it is possible that this vulnerability stems from PhpMyExplorer, which is a separate package.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |