EDB-30831
webappsphpVERIFIED
Ossigeno CMS 2.2_pre1 - '/ossigeno_modules/ossigeno-catalogo/xax/ossigeno/catalogo/common.php?ossigeno' Remote File Inclusion
CVE-2007-6218
ShAy6oOoN11/30/2007
CVE-2007-6218
NONEMultiple PHP remote file inclusion vulnerabilities in Ossigeno CMS 2.2 pre1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) level parameter to (a) install_module.php and (b)
Veröffentlicht: 12/4/2007Aktualisiert: 4/9/2025
Beschreibung
Multiple PHP remote file inclusion vulnerabilities in Ossigeno CMS 2.2 pre1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) level parameter to (a) install_module.php and (b) uninstall_module.php in upload/xax/admin/modules/, (c) upload/xax/admin/patch/index.php, and (d) install_module.php and (e) uninstall_module.php in upload/xax/ossigeno/admin/; and the (2) ossigeno parameter to (f) ossigeno_modules/ossigeno-catalogo/xax/ossigeno/catalogo/common.php, different vectors than CVE-2007-5234.
KI-AnalyseKI-gestützt
Betroffene Produkte
ossigenocms
2.2_pre1
Verfügbare Exploits (6)
EDB-30826
webappsphpVERIFIED
Ossigeno CMS 2.2_pre1 - '/upload/xax/admin/modules/install_module.php?level' Remote File Inclusion
CVE-2007-6218
ShAy6oOoN11/30/2007
EDB-30827
webappsphpVERIFIED
Ossigeno CMS 2.2_pre1 - '/upload/xax/admin/modules/uninstall_module.php?level' Remote File Inclusion
CVE-2007-6218
ShAy6oOoN11/30/2007
EDB-30828
webappsphpVERIFIED
Ossigeno CMS 2.2_pre1 - '/upload/xax/admin/patch/index.php?level' Remote File Inclusion
CVE-2007-6218
ShAy6oOoN11/30/2007
EDB-30829
webappsphpVERIFIED
Ossigeno CMS 2.2_pre1 - '/upload/xax/ossigeno/admin/install_module.php?level' Remote File Inclusion
CVE-2007-6218
ShAy6oOoN11/30/2007
EDB-30830
webappsphpVERIFIED
Ossigeno CMS 2.2_pre1 - '/upload/xax/ossigeno/admin/uninstall_module.php?level' Remote File Inclusion
CVE-2007-6218
ShAy6oOoN11/30/2007
Referenzen
- http://osvdb.org/44312
- http://osvdb.org/44313
- http://osvdb.org/44314
- http://osvdb.org/44315
- http://osvdb.org/44316
- http://osvdb.org/44317
- http://www.packetstormsecurity.org/0711-exploits/ossigeno22-rfi.txt
- http://www.securityfocus.com/bid/26654Exploit
- http://osvdb.org/44312
- http://osvdb.org/44313
- http://osvdb.org/44314
- http://osvdb.org/44315
- http://osvdb.org/44316
- http://osvdb.org/44317
- http://www.packetstormsecurity.org/0711-exploits/ossigeno22-rfi.txt
- http://www.securityfocus.com/bid/26654Exploit