2 matches found
CVE-2004-2740
PHP remote file inclusion vulnerability in authform.inc.php in PHProjekt 4.2.3 and earlier allows remote attackers to include arbitrary PHP code via a URL in the pathpre parameter...
CVE-2004-2740
PHProjekt ≤ 4.2.3 contains a PHP remote file inclusion in lib/authform.inc.php via the path_pre parameter. The issue arises because user input is used in an include_once() without proper sanitization, enabling a remote attacker to include arbitrary PHP code from a URL. OpenVAS/Nessus entries corr...