Security Advisory

CVE-2002-1435

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2004-09-01 04:00:00

Last updated 2024-08-08 03:26:28

Assigner mitre

State PUBLISHED

Description

class.atkdateattribute.js.php in Achievo 0.7.0 through 0.9.1, except 0.8.2, allows remote attackers to execute arbitrary PHP code when the allow_url_fopen setting is enabled via a URL in the config_atkroot parameter that points to the code.

← Browse all CVEs View on cve.org ↗