CVE-2007-2611 Information

Description

Multiple PHP remote file inclusion vulnerabilities in CGX 20050314 allow remote attackers to execute arbitrary PHP code via a URL in the pathCGX parameter to (1) mtdialogo.php (2) ltdialogo.php (3) login.php and (4) logingecon.php in inc/; and multiple unspecified files in frm/ sql/ and cns/.

Reference

http://osvdb.org/35880 http://osvdb.org/35881 http://osvdb.org/35882 http://osvdb.org/35883 http://osvdb.org/35884 http://osvdb.org/35885 http://osvdb.org/35886 http://secunia.com/advisories/25214 http://www.securityfocus.com/bid/23880 http://www.vupen.com/english/advisories/2007/1734 https://exchange.xforce.ibmcloud.com/vulnerabilities/34188 https://www.exploit-db.com/exploits/3874