6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.007 Low
EPSS
Percentile
80.3%
Secunia reports:
phpWebFTP have a vulnerability, which can be exploited by
malicious people to disclose sensitive information.
Input passed to the “language” parameter in index.php isn’t
properly verified, before it is used to include files. This can be
exploited to include arbitrary files from local resources.
Successful exploitation requires that “magic_quotes_gpc” is
disabled.