Back to search
CVE-2007-0561
Published: Jan 30, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple PHP remote file inclusion vulnerabilities in Xero Portal 1.2 allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter to (1) admin_linkdb.php, (2) admin_forum_prune.php, (3) admin_extensions.php, (4) admin_board.php, (5) admin_attachments.php, or (6) admin_users.php in admin/.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
31977
vdb-entry
x_refsource_OSVDB
23952
third-party-advisory
x_refsource_SECUNIA
31978
vdb-entry
x_refsource_OSVDB
22227
vdb-entry
x_refsource_BID
xero-multiple-scripts-file-include(31767)
vdb-entry
x_refsource_XF
3192
exploit
x_refsource_EXPLOIT-DB
31980
vdb-entry
x_refsource_OSVDB
ADV-2007-0338
vdb-entry
x_refsource_VUPEN
31634
vdb-entry
x_refsource_OSVDB
31979
vdb-entry
x_refsource_OSVDB
31981
vdb-entry
x_refsource_OSVDB
20070125 Xero Portal v1.2 (phpbb_root_path) Remote File Include Vulnerablity
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now