Produkt Xnova (...) - CVEMAP.ORG

Podatności dla 'Xnova'

2009-02-02

CVE-2008-6023

CWE-94

PHP remote file inclusion vulnerability in includes/todofleetcontrol.php in a newer version of Xnova, possibly 0.8 sp1, allows remote attackers to execute arbitrary PHP code via a URL in the xnova_root_path parameter.

CVE-2008-6022

CWE-94

PHP remote file inclusion vulnerability in includes/todofleetcontrol.php in an older version of Xnova, possibly 0.8 sp1, allows remote attackers to execute arbitrary PHP code via a URL in the ugamela_root_path parameter.

Copyright 2024, cxsecurity.com