Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2220


Vulnerability Score 6.8 6.8
CVE Id CVE-2008-2220
Last Modified 05 Sep 2008 12:00:00
Published 14 May 2008 02:20:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Multiple PHP remote file inclusion vulnerabilities in Interact Learning Community Environment Interact 2.4.1, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) CONFIG[LANGUAGE_CPATH] parameter to modules/forum/embedforum.php and the (2) CONFIG[BASE_PATH] parameter to modules/scorm/, different vectors than CVE-2006-4448.

Vulnerable Systems


  • Interact 2.4.1


XF - interact-embedforum-file-include(42113)

BID - 28996

MILW0RM - 5526

Last Updated: 27 May 2016 10:47:48