Vulnerabilities > CVE-2007-3222 - Unspecified vulnerability in Xoops Xfsection Module 1.07

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

xoops

nessus

exploit available

NVD

Published: 2007-06-14

Updated: 2024-11-21

Summary

PHP remote file inclusion vulnerability in modify.php in the XFsection 1.07 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the dir_module parameter.

Vulnerable Configurations

Part	Description	Count
Application	Xoops Xoops Xfsection Module 1.07	1

Exploit-Db

description	XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability. CVE-2007-3222. Webapps exploit for php platform
file	exploits/php/webapps/4068.txt
id	EDB-ID:4068
last seen	2016-01-31
modified	2007-06-13
platform	php
port
published	2007-06-13
reporter	Sp[L]o1T
source	https://www.exploit-db.com/download/4068/
title	XOOPS Module XFsection modify.php Remote File Inclusion Vulnerability
type	webapps

Nessus

NASL family	CGI abuses
NASL id	XOOPS_XFSECTION_DIR_MODULE_FILE_INCLUDE.NASL
description	The remote host is running XFSection, a third-party module for XOOPS. The version of this module installed on the remote host fails to sanitize input to the
last seen	2020-06-01
modified	2020-06-02
plugin id	25493
published	2007-06-14
reporter	This script is Copyright (C) 2007-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/25493
title	XOOPS XFSection Module modify.php dir_module Parameter Remote File Inclusion

Summary

Vulnerable Configurations

Exploit-Db

Nessus

References