Xcms index.php cpie admin Action testo_0 Variable Arbitrary Remote Code Execution

2007-12-30T00:00:00
ID OSVDB:40277
Type osvdb
Reporter OSVDB
Modified 2007-12-30T00:00:00

Description

Solution Description

Upgrade to version 1.84 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://www.xcms.it/ Secunia Advisory ID:28256 Related OSVDB ID: 1020799 ISS X-Force ID: 39346 Generic Exploit URL: http://www.milw0rm.com/exploits/4813 CVE-2007-6652