Description

mainfile.php in XOOPS 2.0.13.2 and earlier, when register_globals is enabled, allows remote attackers to overwrite variables such as $xoopsOption['nocommon'] and conduct directory traversal attacks or include PHP files via (1) xoopsConfig[language] to misc.php or (2) xoopsConfig[theme_set] to index.php, as demonstrated by injecting PHP sequences into a log file.

Remediation

References

CVE-2006-2516

Related Vulnerabilities

WordPress Credentials Management Errors Vulnerability (CVE-2016-5838)

WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.30)

WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.29)

Joomla Incorrect Authorization Vulnerability (CVE-2023-23751)

WordPress Plugin Sunshine Photo Cart Cross-Site Request Forgery (2.8.28)

Severity

Medium

Classification

CVE-2006-2516 CWE-22

Tags

Missing Update Known Vulnerabilities