Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2007-3221

Published: 14/06/2007 Updated: 11/10/2017
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 685
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

PHP remote file inclusion vulnerability in admin/spaw/spaw_control.class.php in the XT-Conteudo module for XOOPS allows remote malicious users to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656.

Vulnerable Product Search on Vulmon Subscribe to Product

xoops xt-conteudo module

Exploits

Exploit DB: XOOPS Module XT-Conteudo - 'spaw_root' Remote File Inclusion
############################################################################################## # ___ ___ _ # / _ \ / _ \ | | # __ _| | | | | | |_ __ ___ _ __ ___| |_ # / _` | | | | | | | '_ \/ __| | '_ \ / _ \ __| # | (_| | |_| | |_| | | | \__ \_| | | | __/ |_ # \__, |\___/ \_ ...

References

NVD-CWE-Otherhttp://secunia.com/advisories/25667http://www.securityfocus.com/bid/24470http://osvdb.org/36306http://www.vupen.com/english/advisories/2007/2205https://exchange.xforce.ibmcloud.com/vulnerabilities/34855https://www.exploit-db.com/exploits/4069https://nvd.nist.govhttps://www.exploit-db.com/exploits/4069/
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
injectCVE-2024-34001CVE-2024-37018LFICVE-2024-1275CVE-2024-1086CSRFCVE-2024-31030CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook