RSS   Vulnerabilities for 'Xnova'   RSS

2009-02-02
 
CVE-2008-6023

CWE-94
 

 
PHP remote file inclusion vulnerability in includes/todofleetcontrol.php in a newer version of Xnova, possibly 0.8 sp1, allows remote attackers to execute arbitrary PHP code via a URL in the xnova_root_path parameter.

 
 
CVE-2008-6022

CWE-94
 

 
PHP remote file inclusion vulnerability in includes/todofleetcontrol.php in an older version of Xnova, possibly 0.8 sp1, allows remote attackers to execute arbitrary PHP code via a URL in the ugamela_root_path parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top