Vulnerabilities (CVE)

Filtered by vendor Xoops Subscribe
Filtered by product Xoops Virii Info Module
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-1976 1 Xoops 1 Xoops Virii Info Module 2024-11-21 7.5 HIGH N/A
** DISPUTED ** PHP remote file inclusion vulnerability in index.php in the Virii Info 1.10 and earlier module for Xoops allows remote attackers to execute arbitrary PHP code via a URL in the xoopsConfig[root_path] parameter. NOTE: the issue has been disputed by a reliable third party, stating that the application's checkSuperglobals function defends against the attack.