CVE-2007-5314 Information

Description

PHP remote file inclusion vulnerability in system/funcs/xkurl.php in xKiosk WEB 3.0.1i when register_globals is enabled allows remote attackers to execute arbitrary PHP code via a URL in the PEARPATH parameter.

Reference

http://osvdb.org/37620 http://secunia.com/advisories/27140 http://www.vupen.com/english/advisories/2007/3427 https://exchange.xforce.ibmcloud.com/vulnerabilities/37030 xkioskweb-xkurl-file-include(37030) https://www.exploit-db.com/exploits/4502 PHP remote file inclusion vulnerability in system/funcs/xkurl.php in xKiosk WEB 3.0.1i when register_globals is enabled allows remote attackers to execute arbitrary PHP code via a URL in the PEARPATH parameter.