• webadmin.php is a simple Web-based file manager. This file manager should not be installed on production systems because it doesn't employ any user authentication in the default configuration. Therefore an attacker can read and create random files in your system.

• Restrict access to this file or remove it from the system.

• • webadmin homepage

• 

• CWE-16

• Abuse Of Functionality Information Disclosure

• XML external entity injection via external file
• PHP object deserialization of user-supplied data
• Joomla! Core 1.6.x Information Disclosure (1.6.0 - 1.6.3)
• WordPress Plugin HB AUDIO GALLERY LITE Arbitrary File Download (1.0.0)
• Possible server path disclosure (Unix)