13 Nov 2018
CVE-2018-19246 - CVE Vulnerability
PHP-Proxy 5.1.0 allows remote attackers to read local files if the default "pre-installed version" (intended for users who lack shell access to their web server) is used. This occurs because the aeb067ca0aa9a3193dce3a7264c90187 app_key value from the default config.php is in place, and this value can be easily used to calculate the authorization data needed for local file inclusion. (CVSS:0.0) (Last Update:2018-11-13)
Vulnerability Details : PHP-Proxy 5.1.0 allows remote attackers to read local files if the default "pre-installed version" (intended for users who lack shell access to their web server) is used. This occurs because the aeb067ca0aa9a3193dce3a7264c90187 app_key value from the default config.php is in place, and this value can be easily used to calculate the authorization data needed for local file inclusion. Publish Date : 2018-11-13 Last Update Date : 2018-11-13 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2018-19246
- References For CVE-2018-19246
| ||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2018-19246There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |