Xoops: >> Xoops Virii Info Module Security Vulnerabilities
PHP remote file inclusion vulnerability in index.php in the Virii Info 1.10 and earlier module for Xoops allows remote attackers to execute arbitrary PHP code via a URL in the xoopsConfig[root_path] parameter. NOTE: the issue has been disputed by a reliable third party, stating that the application's checkSuperglobals function defends against the attack
CVSS Score
7.5
EPSS Score
0.011
Published
2007-04-12