Vulnerability in N/a
CVE-2007-3237
PHP remote file inclusion vulnerability in admin/spaw/spaw_control.class.php in the TinyContent 1.5 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: this issue is probably…
EPSS: 0.631 (98.4th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- 4063 (exploit, x_refsource_EXPLOIT-DB)
- 35383 (x_refsource_OSVDB, vdb-entry)
- ADV-2007-2204 (vdb-entry, x_refsource_VUPEN)
- 25652 (x_refsource_SECUNIA, third-party-advisory)
- www.xoops.org/modules/news/article.php (x_refsource_CONFIRM)
- xoops-tinycontent-spawcontrol-file-include(34839) (vdb-entry, x_refsource_XF)