Security Advisory

CVE-2007-2001

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2007-04-12 19:00:00

Last updated 2024-08-07 13:13:42

Assigner mitre

State PUBLISHED

Description

Multiple direct static code injection vulnerabilities in admin/configurer2.php in Crea-Book 1.0 and earlier allow remote authenticated administrators to execute arbitrary PHP code via the "Fond de la page" (background color) field and other unspecified fields, which injects into config.inc.php3.

← Browse all CVEs View on cve.org ↗