CVE-2007-2670
N/A
N/A
Summary
PHPChain 1.0 and earlier allows remote attackers to obtain the installation path via invalid values of the catid parameter to (1) settings.php or (2) cat.php, as demonstrated by XSS manipulations.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://pridels0.blogspot.com/2007/05/phpchain-vuln.html
- http://osvdb.org/35538
- http://www.vupen.com/english/advisories/2007/1647
- http://www.securityfocus.com/bid/23761
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34019
- http://secunia.com/advisories/25128
References
- http://pridels0.blogspot.com/2007/05/phpchain-vuln.html
- http://osvdb.org/35538
- http://www.vupen.com/english/advisories/2007/1647
- http://www.securityfocus.com/bid/23761
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34019
- http://secunia.com/advisories/25128
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.