Variable extraction vulnerability in include/common.php in exV2 2.0.4.3 and previous versions allows remote malicious users to overwrite arbitrary program variables and conduct directory traversal attacks to execute arbitrary code by modifying the $xoopsOption['pagetype'] variable.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
exv2 content management system |