Phpdevshell: Security Vulnerabilities
PHPDevShell 3.0.0-Beta-4b allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by gzip.php.
CVSS Score
5.0
EPSS Score
0.003
Published
2011-09-24
PHPDevShell before 0.7.0 allows remote authenticated users to gain privileges via a crafted request to update a user profile. NOTE: some of these details are obtained from third party information.
CVSS Score
8.5
EPSS Score
0.006
Published
2007-11-30
Unspecified vulnerability in PHPDevShell before 0.7.0 has unknown impact and attack vectors, involving a "minor security bug in repair & optimize database."
CVSS Score
10.0
EPSS Score
0.003
Published
2007-11-30