Vulnerability Description
Static code injection vulnerability in admin/admin.php in mxCamArchive 2.2 allows remote authenticated administrators to inject arbitrary PHP code into an unspecified program via the description parameter, which is executed by invocation of index.php. NOTE: some of these details are obtained from third party information.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Infireal | Mxcamarchive | 2.2 |
Related Weaknesses (CWE)
References
- http://osvdb.org/49887
- http://secunia.com/advisories/32751Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46658
- https://www.exploit-db.com/exploits/7136
- http://osvdb.org/49887
- http://secunia.com/advisories/32751Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46658
- https://www.exploit-db.com/exploits/7136
FAQ
What is CVE-2008-6956?
CVE-2008-6956 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Static code injection vulnerability in admin/admin.php in mxCamArchive 2.2 allows remote authenticated administrators to inject arbitrary PHP code into an unspecified program via the description param...
How severe is CVE-2008-6956?
CVE-2008-6956 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-6956?
Check the references section above for vendor advisories and patch information. Affected products include: Infireal Mxcamarchive.