Full title: EasyPHP WebServer v.(all) <= Multiple Vulnerabilities 
Category: web applications
Platform: php
EasyPHP is Suffer from : 
[+] Auth Bypass
[+] Remote Shell Injection / Remote Code Execute

The Bug in EasyPHP WebServer Manager found because
the PORTAL of Administration doesn't protected !
so just when you found the Admin-Portal ->
_ you can bypass the auth directly 
_ and remote attacker can get some informations like phpinfo , 
or Disclosure all folders in the EasyPHP Root Folder
_ and in latest version ( 12.1 ) -> remote attacker can
  Inject PHP Code/Shell , or Execute a Remote PHP Code.

# 0day.today @ http://0day.today/