Xcms index.php cpie admin Action testo_0 Variable Arbitrary Remote Code Execution

ID OSVDB:40277
Type osvdb
Reporter OSVDB
Modified 2007-12-30T00:00:00


Solution Description

Upgrade to version 1.84 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.


Vendor URL: http://www.xcms.it/ Secunia Advisory ID:28256 Related OSVDB ID: 1020799 ISS X-Force ID: 39346 Generic Exploit URL: http://www.milw0rm.com/exploits/4813 CVE-2007-6652