Vulnerability in N/a
CVE-2007-3236
PHP remote file inclusion vulnerability in footer.php in the Horoscope 1.0 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the xoopsConfig[root_path] parameter.
EPSS: 0.842 (99.3th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- ADV-2007-2169 (vdb-entry, x_refsource_VUPEN)
- 35382 (x_refsource_OSVDB, vdb-entry)
- 25651 (x_refsource_SECUNIA, third-party-advisory)
- 4064 (exploit, x_refsource_EXPLOIT-DB)
- 24449 (vdb-entry, x_refsource_BID)
- 20070614 true: XOOPS Modules Horoscope RFI (mailing-list, x_refsource_VIM)
- xoops-horoscope-footer-file-include(34837) (vdb-entry, x_refsource_XF)