Vulnerabilities > CVE-2007-2628 - Remote File Include vulnerability in Justin Koivisto PHPsecurityadmin 4.0.2

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
justin-koivisto
exploit available

Summary

PHP remote file inclusion vulnerability in include/logout.php in Justin Koivisto SecurityAdmin for PHP (aka PHPSecurityAdmin, PSA) 4.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the PSA_PATH parameter.

Vulnerable Configurations

Part Description Count
Application
Justin_Koivisto
1

Exploit-Db

descriptionPHPSecurityAdmin 4.0.2 Logout.PHP Remote File Include Vulnerability. CVE-2007-2628. Webapps exploit for php platform
idEDB-ID:29944
last seen2016-02-03
modified2007-05-03
published2007-05-03
reporterilker Kandemir
sourcehttps://www.exploit-db.com/download/29944/
titlePHPSecurityAdmin 4.0.2 Logout.PHP Remote File Include Vulnerability