Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5314

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2007-5314
Last Modified 07 Mar 2011 10:00:29
Published 09 Oct 2007 05:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-5314

Summary

PHP remote file inclusion vulnerability in system/funcs/xkurl.php in xKiosk WEB 3.0.1i, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the PEARPATH parameter.

Vulnerable Systems

Application

  • Xkiosk Web 3.0.1i


References

VUPEN - ADV-2007-3427

MILW0RM - 4502

SECUNIA - 27140

OSVDB - 37620

XF - xkioskweb-xkurl-file-include(37030)


Last Updated: 27 May 2016 10:46:08