Description
PHP remote file inclusion vulnerability in common.php in phpATM 1.21, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code via a URL in the include_location parameter to index.php.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Ingvar Gilbert · textwebappsphp
https://www.exploit-db.com/exploits/25686
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1014008
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/16692
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/15420
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=111653168810937&w=2
Scores
EPSS
0.0401
EPSS Percentile
88.6%
Details
Status
published
Products (2)
bugada_andrea/php_advanced_transfer_manager
1.20
bugada_andrea/php_advanced_transfer_manager
1.21
Published
May 20, 2005
Tracked Since
Feb 18, 2026