Categories

Applications (222)
Blogs (7)
Content Management (148)
Customer Relationship (2)
Discussion Boards (29)
E-Commerce (14)
General Purpose Directories (2)
Image Galleries (18)
Mailing Lists (1)
Tips (3)
Vulnerabilities (337)
Access Bypass (50)
Cross Site Scripting (123)
Denial Of Service (2)
File Inclusion (51)
Information Disclosure (15)
Privilege Escalation (2)
Remote Command Execution (16)
Session Hijacking (2)
SQL Injection (130)
« Joomla! XSRF and Script Insertion
PortalApp Multiple Vulnerabilities »

Xcms PHP Code Execution and LFI

Published by TL Guan January 22nd, 2008 in Content Management, File Inclusion and Remote Command Execution.

Application: Xcms
Affected Version: prior to 1.84.
Vendor’s URL: http://www.xcms.it/
Bug Type: Security Bypass, System Access
Risk Level: Critical

Solution:
Update to version 1.84.

Subscribe

Latest

Archives



Valid XHTML 1.0 Transitional