Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6402

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-6402
Last Modified 13 Mar 2009 01:45:51
Published 06 Mar 2009 06:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-6402

Summary

PHP remote file inclusion vulnerability in hu/modules/reg-new/modstart.php in Sofi WebGui 0.6.3 PRE and earlier allows remote attackers to execute arbitrary PHP code via a URL in the mod_dir parameter.

Vulnerable Systems

Application

  • Muskatli Sofi Webgui 0.4.2

  • Muskatli Sofi Webgui 0.5.2

  • Muskatli Sofi Webgui 0.6.0pre

  • Muskatli Sofi Webgui 0.6.3pre


References

XF - sofiwebgui-modstart-file-include(45380)

BID - 31341

MILW0RM - 6539


Last Updated: 27 May 2016 10:49:10