RSS   Vulnerabilities for 'Mindmeld'   RSS

2008-02-04
 
CVE-2008-0572

CWE-94
 

 
Multiple PHP remote file inclusion vulnerabilities in Mindmeld 1.2.0.10 allow remote attackers to execute arbitrary PHP code via a URL in the MM_GLOBALS[home] parameter to (1) acweb/admin_index.php; and (2) ask.inc.php, (3) learn.inc.php, (4) manage.inc.php, (5) mind.inc.php, and (6) sensory.inc.php in include/.

 


Copyright 2024, cxsecurity.com

 

Back to Top