CVE-2007-6412 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-6412
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-6412

Description: Direct static code injection vulnerability in wiki/index.php in Bitweaver 2.0.0 and earlier, when comments are enabled, allows remote attackers to inject arbitrary PHP code via an editcomments action.

CVE Status: Candidate

References: SREASON http://securityreason.com/securityalert/3428 http://securityreason.com/securityalert/3454 OSVDB 40148 MISC http://www.hackerscenter.com/archive/view.asp?id=28129 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/484805/100/0/threaded BID 26801

Return to the previous page.