Vulnerabilities > CVE-2014-8731 - Deserialization of Untrusted Data vulnerability in PHPmemcachedadmin Project PHPmemcachedadmin 1.2.2

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
phpmemcachedadmin-project
CWE-502
critical
NVD
Published: 2017-03-23
Updated: 2018-10-09

Summary

PHPMemcachedAdmin 1.2.2 and earlier allows remote attackers to execute arbitrary PHP code via vectors related "serialized data and the last part of the concatenated filename," which creates a file in webroot.

Vulnerable Configurations

Part Description Count
Application
Phpmemcachedadmin_Project
1

Common Weakness Enumeration (CWE)

References