PHPGEDVIEW 2.61 Multiple Remote File Inclusion Vulnerabilities

PHPGEDVIEW 2.61 Multiple Remote File Inclusion Vulnerabilities

CVE-2004-0030 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

PHP remote file inclusion vulnerability in (1) functions.php, (2) authentication_index.php, and (3) config_gedcom.php for PHPGEDVIEW 2.61 allows remote attackers to execute arbitrary PHP code by modifying the PGV_BASE_DIRECTORY parameter to reference a URL on a remote web server that contains the code.

Learn more about our Web App Pen Testing.