Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6651

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-6651
Last Modified 07 Apr 2009 12:00:00
Published 07 Apr 2009 10:17:18
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-6651

Summary

Static code injection vulnerability in edithistory.php in OxYProject OxYBox 0.85 allows remote attackers to inject arbitrary PHP code into oxyhistory.php via the oxymsg parameter.

Vulnerable Systems

Application

  • Oxyproject Oxybox 0.85


References

XF - oxyproject-edithistory-command-execution(42110)

BID - 28992

MILW0RM - 5524


Last Updated: 27 May 2016 10:49:16