2 matches found
CVE-2008-6023
CVE-2008-6023 describes a PHP remote file inclusion vulnerability in the Xnova project (likely in version around 0.8 sp1) where the parameter xnova_root_path can be supplied to load a remote PHP file via includes/todofleetcontrol.php. Exploitation would allow arbitrary PHP code execution on the a...
CVE-2008-6023
PHP remote file inclusion vulnerability in includes/todofleetcontrol.php in a newer version of Xnova, possibly 0.8 sp1, allows remote attackers to execute arbitrary PHP code via a URL in the xnovarootpath parameter...