PT-2005-2755 · Phpstat · Phpstat
Publicado
2005-05-27
·
Atualizado
2016-11-25
·
CVE-2005-1787
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
phpStat version 1.5
Description
The issue allows remote attackers to bypass authentication and gain administrator privileges. This is achieved by setting the
check variable in the setup.php file.Recommendations
For phpStat version 1.5, consider restricting access to the setup.php file until a patch is available. As a temporary workaround, avoid using the setup.php file or restrict the ability to set the
check variable to prevent exploitation.Exploit
Correção
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Phpstat