Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2192

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-2192
Last Modified 05 Sep 2008 12:00:00
Published 14 May 2008 01:20:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-2192

Summary

Static code injection vulnerability in box/minichat/boxpop.php in IT!CMS (aka itcms) 1.9 allows remote attackers to inject arbitrary PHP code into box/MiniChat/data/shouts.php via the shout parameter.

Vulnerable Systems

Application

  • Itcms 1.9


References

XF - itcms-boxpop-file-include(42172)

BID - 29028

MILW0RM - 5532

SECUNIA - 30059


Last Updated: 27 May 2016 10:47:47