CVE

Id
30677  
CVE No.
CVE-2008-0560  
Status
Candidate  
Description
** DISPUTED ** PHP remote file inclusion vulnerability in cforms-css.php in Oliver Seidel cforms (contactforms), a Wordpress plugin, allows remote attackers to execute arbitrary PHP code via a URL in the tm parameter. NOTE: CVE disputes this issue for 7.3, since there is no tm parameter, and the code exits with a fatal error due to a call to an undefined function.  
Phase
Assigned (20080204)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
326394 30677 CVE-2008-0560 BUGTRAQ:20080131 contactforms "cforms-css.php" Remote File Inclusion  View
326395 30677 CVE-2008-0560 URL:http://www.securityfocus.com/archive/1/archive/1/487347/100/0/threaded  View
326396 30677 CVE-2008-0560 VIM:20080131 [Fwd: contactforms "cforms-css.php" Remote File Inclusion]  View
326397 30677 CVE-2008-0560 URL:http://www.attrition.org/pipermail/vim/2008-January/001895.html  View
326398 30677 CVE-2008-0560 SREASON:3605  View
326399 30677 CVE-2008-0560 URL:http://securityreason.com/securityalert/3605  View
326400 30677 CVE-2008-0560 XF:contactform-cformscss-file-include(40143)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
47118 JVNDB-2008-002428 Mailman における複数のクロスサイトスクリプティングの脆弱性 Mailman には、複数のクロスサイトスクリプティングの脆弱性が存在します。 CVE-2008-0564 30677 4.3 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002428.html  View