Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5314


Vulnerability Score 6.8 6.8
CVE Id CVE-2007-5314
Last Modified 07 Mar 2011 10:00:29
Published 09 Oct 2007 05:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



PHP remote file inclusion vulnerability in system/funcs/xkurl.php in xKiosk WEB 3.0.1i, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the PEARPATH parameter.

Vulnerable Systems


  • Xkiosk Web 3.0.1i


VUPEN - ADV-2007-3427

MILW0RM - 4502

SECUNIA - 27140

OSVDB - 37620

XF - xkioskweb-xkurl-file-include(37030)

Last Updated: 27 May 2016 10:46:08