Vulnerabilities > CVE-2006-4880 - Input Validation vulnerability in PHP-Post
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
David Bennett PHP-Post (PHPp) 1.0 and earlier allows remote attackers to obtain sensitive information via a direct request for (1) footer.php, (2) template.php, or (3) lastvisit.php, which reveals the installation path in various error messages.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |