2 matches found
CVE-2005-2775
phpapi.php in phpWebNotes 2.0.0 uses the extract function to modify key variables such as $tpathcore, which leads to a PHP file inclusion vulnerability that allows remote attackers to execute arbitrary PHP code via the tpathcore parameter...
CVE-2005-2775
CVE-2005-2775 affects phpWebNotes 2.0.0 where the t_path_core parameter is used in core/api.php with PHP’s extract(), enabling a PHP file inclusion vulnerability. This allows a remote attacker to execute arbitrary PHP code on the server and potentially view arbitrary files. The issue is documente...