 | |
| |||||||
| Home | Register | Projects | Blogs | FAQ | Calendar | Search | Today's Posts | Mark Forums Read | Free Directory | Free DNSReport | Tags |
| Notices |
| Advisories Discuss about all newly security flaws classed by CVE entries and reviewed by security experts |
CVE-2007-6652 (xcms)This is a discussion on "CVE-2007-6652 (xcms)" within the Advisories part of the Computer Security: Discussions section; cpie.php in XCMS 1.83 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to conduct direct static code injection attacks and execute arbitrary code via the testo_0 parameter in a ... |
 |
| | LinkBack | Thread Tools | Display Modes |
04-01-08
| |||
| |||
 CVE-2007-6652 (xcms) cpie.php in XCMS 1.83 and earlier sends a redirect to the web browser but does not exit, which allows remote attackers to conduct direct static code injection attacks and execute arbitrary code via the testo_0 parameter in a cpie admin action to index.php, which writes to dati/generali/footer.dtb (aka the XCMS footer). More...  |
| Sponsor | ||
| ||
| |
|
| Thread Tools | |
| Display Modes | |
Linear Mode
| |
Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Microsoft Service Packs Going Out of Support - May 2007 | class101 | Security discussions | 0 | 02-05-07 01:08 |
| Office 2007 vulnerability | class101 | Vulnerability MarketPlace | 1 | 25-04-07 22:55 |
