vendor:
Php AdminPanel
by:
Sina Yazdanmehr (R3d.W0rm)
7.5
CVSS
HIGH
Remote File Disclosure
Not provided
CWE
Product Name: Php AdminPanel
Affected Version From: 1.0.5
Affected Version To: 1.0.5
Patch Exists: NO
Related CWE: Not provided
CPE: Not provided
Platforms Tested: Not provided
Not provided
Php AdminPanel Free version 1.0.5 Remote File Disclosure
The Php AdminPanel Free version 1.0.5 is vulnerable to remote file disclosure. An attacker can exploit this vulnerability by accessing the download.php script and manipulating the 'file' parameter to disclose sensitive files on the server.
Mitigation:
Upgrade to a patched version of Php AdminPanel or apply necessary security measures to prevent unauthorized access to sensitive files.