RSS   Vulnerabilities for 'Xoops virii info module'   RSS

2007-04-11
 
CVE-2007-1976

 

 
** DISPUTED ** PHP remote file inclusion vulnerability in index.php in the Virii Info 1.10 and earlier module for Xoops allows remote attackers to execute arbitrary PHP code via a URL in the xoopsConfig[root_path] parameter. NOTE: the issue has been disputed by a reliable third party, stating that the application's checkSuperglobals function defends against the attack.

 

 >>> Vendor: Xoops 44 Products
Xoops
Uploader
Wf-downloads
Xoops pool module
Xoops glossaire module
Xoops rmsoft gallery system
Core module
Library module
Tutoriais module
Friendfinder module
Malaika system myads module
Repository module
Rha7 downloads module
Wf-snippets
Happy linux xfsection module
Zmagazine module
Xoops virii info module
Xoops popnupblog
John mordo jobs module
Flashgames module
Wfquotes module
Myconference module
Icontent module
Cjay content module
Xt-conteudo module
Xfsection module
Horoscope module
Tinycontent module
Wiwimod module
Articles module
Mylinks module
Xoopsgallery module
Mytopics
Eempregos module
Prayer list module
Tiny event module
Xm-memberstats
Xm memberstats
Xoops cube
Article module
Kshop module
Makale
Xoops dictionary
Glossaire module


Copyright 2024, cxsecurity.com

 

Back to Top