QwikSec

Security Database

CVE

CWE

Training

CVE-2007-5817

Published: Nov 5, 2007

Modified: Apr 3, 2025

PUBLISHED

Description

dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attackers to perform certain privileged actions via a (1) del, (2) delbackup, (3) res, or (4) ren action. NOTE: this issue can be leveraged to conduct cross-site scripting (XSS) and possibly other attacks.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://packetstorm.linuxsecurity.com/0710-exploits/contentcustom-disclose.txt

x_refsource_MISC

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.