CVE-2008-5938 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2008-5938
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-5938

Description: PHP remote file inclusion vulnerability in assets/snippets/reflect/snippet.reflect.php in MODx CMS 0.9.6.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the reflect_base parameter.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/46797 SREASON http://securityreason.com/securityalert/4940 SAID Secunia Advisory: SA32824 MILW0RM http://www.milw0rm.com/exploits/7204 CONFIRM http://svn.modxcms.com/svn/tattoo/tattoo/releases/0.9.6.3/install/changelog.txt BID 32436

Return to the previous page.