RSS   Vulnerabilities for 'Mx glance'   RSS

2007-10-03
 
CVE-2007-5178

 

 
contrib/mx_glance_sdesc.php in the mx_glance 2.3.3 module for mxBB places a critical security check within a comment because of a missing comment delimiter, which allows remote attackers to conduct remote file inclusion attacks and execute arbitrary PHP code via a URL in the mx_root_path parameter. NOTE: some sources incorrectly state that phpbb_root_path is the affected parameter.

 

 >>> Vendor: MXBB 16 Products
Mxbb portal
Mxbb smartor album
Calsnails module
Mx tinies
Mxbb newssuite
Modsdb
MXBB
Kb mods
Activity games module
Mxbb meeting
Mxbb web links
Mxbb charts
Mx shotcast
Mxbb faq
Mxbb rules
Mx glance


Copyright 2024, cxsecurity.com

 

Back to Top