Published: 27/04/2008 Updated: 29/09/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

PHP remote file inclusion vulnerability in 123flashchat.php in the 123 Flash Chat 6.8.0 module for e107, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the e107path parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
123flashchat 123 flash chat module 6.8.0
e107 e107

############################################################### # # E107 Chat Module 123FlashChat Remote File Inclusion Vulnerability # ######################################################### # # AUTHOR : by_casper41 # # Mekan : Cyber-WarriorOrg # # MAÄ°L : CWCasper@hotmailcom # ######################################### ...

CWE-94 http://www.securityfocus.com/bid/28828 http://secunia.com/advisories/29870 https://exchange.xforce.ibmcloud.com/vulnerabilities/41867 https://www.exploit-db.com/exploits/5459 https://nvd.nist.gov https://www.exploit-db.com/exploits/5459/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-1989

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect