php_api.php in phpWebNotes 2.0.0 uses the extract function to modify key variables such as $t_path_core, which leads to a PHP file inclusion vulnerability that allows remote attackers to execute arbitrary PHP code via the t_path_core parameter.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published: 2005-09-02T04:00:00
Updated: 2024-08-07T22:45:01.902Z
Reserved: 2005-09-02T00:00:00
Link: CVE-2005-2775

No data.

Status : Modified
Published: 2005-09-02T23:03:00.000
Modified: 2024-11-21T00:00:24.337
Link: CVE-2005-2775

No data.