Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2396


Vulnerability Score 7.5 7.5
CVE Id CVE-2008-2396
Last Modified 05 Sep 2008 05:40:15
Published 21 May 2008 09:24:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



PHP remote file inclusion vulnerability in index.php in Wajox Software microSSys CMS 1.5 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in an arbitrary element of the PAGES array parameter.

Vulnerable Systems


  • Wajox Software Mircrossys Cms 1.5


MILW0RM - 5651

SECUNIA - 30264

XF - microssys-index-file-include(42518)

BID - 29278

Last Updated: 27 May 2016 10:47:51