RSS   Vulnerabilities for 'Modules builder'   RSS

2007-05-01
 
CVE-2007-2422

CWE-Other
 

 
** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in Modules Builder (modbuild) 4.1 for Comdev One Admin allow remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter to (1) config-bak.php or (2) config.php. NOTE: CVE disputes this vulnerability because the unmodified scripts set the applicable variable to the empty string; reasonable modified copies would use a fixed pathname string.

 

 >>> Vendor: Comdev 11 Products
Comdev ecommerce
Comdev vote caster
Comdev csv importer
Comdev forum
Comdev misc tools
Comdev form designer
Comdev web blogger
Comdev one admin pro
Modules builder
Comdev news publisher
Jomestate pro


Copyright 2024, cxsecurity.com

 

Back to Top