Описание
** DISPUTED ** PHP remote file inclusion vulnerability in index.php in the Virii Info 1.10 and earlier module for Xoops allows remote attackers to execute arbitrary PHP code via a URL in the xoopsConfig[root_path] parameter. NOTE: the issue has been disputed by a reliable third party, stating that the application's checkSuperglobals function defends against the attack.
** DISPUTED ** PHP remote file inclusion vulnerability in index.php in the Virii Info 1.10 and earlier module for Xoops allows remote attackers to execute arbitrary PHP code via a URL in the xoopsConfig[root_path] parameter. NOTE: the issue has been disputed by a reliable third party, stating that the application's checkSuperglobals function defends against the attack.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-1976
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33368
- https://www.exploit-db.com/exploits/3642
- http://osvdb.org/37429
- http://www.attrition.org/pipermail/vim/2007-April/001489.html
- http://www.attrition.org/pipermail/vim/2007-April/001490.html
- http://www.vupen.com/english/advisories/2007/1206
EPSS
CVE ID
Связанные уязвимости
PHP remote file inclusion vulnerability in index.php in the Virii Info 1.10 and earlier module for Xoops allows remote attackers to execute arbitrary PHP code via a URL in the xoopsConfig[root_path] parameter. NOTE: the issue has been disputed by a reliable third party, stating that the application's checkSuperglobals function defends against the attack
EPSS