Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0450

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-0450
Last Modified 05 Sep 2008 05:35:06
Published 24 Jan 2008 07:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-0450

Summary

Multiple PHP remote file inclusion vulnerabilities in BLOG:CMS 4.2.1.c allow remote attackers to execute arbitrary PHP code via a URL in the (1) DIR_PLUGINS parameter to (a) index.php, and the (2) DIR_LIBS parameter to (b) media.php and (c) xmlrpc/server.php in admin/.

Vulnerable Systems

Application

  • Blog Cms 4.2.1 C


References

BUGTRAQ - 20080121 BLOG:CMS 4.2.1.c (DIR_PLUGINS) Multiple Remote File Include

SREASON - 3576


Last Updated: 27 May 2016 10:46:48