PHP Traverser 'mp3_id.php' Remote File Include Vulnerability Network Vulnerability

Summary

PHP Traverser is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information or to execute arbitrary script code in the context of the webserver process. This may allow the attacker to compromise the application and the computer other attacks are also possible. PHP Traverser 0.8.0 is vulnerable other versions may also be affected.

References

http://sourceforge.net/projects/phptraverse/
https://www.securityfocus.com/bid/41899

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-4085

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

AdaptBB Multiple Input Validation Vulnerabilities
Adobe ColdFusion Information Disclosure Vulnerability
Agora CGI Cross Site Scripting
Apache Struts2 Showcase Arbitrary Java Method Execution vulnerability
Ajax File and Image Manager 'data.php' PHP Code Injection Vulnerability

Take action and discover your vulnerabilities