Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2008-4304
Description:general/login.php in phpCollab 2.5 rc3 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified input related to the SSL_CLIENT_CERT environment variable. NOTE: in some environments, SSL_CLIENT_CERT always has a base64-encoded string value, which may impose constraints on injection for typical shells.
Test IDs: None available
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2008-4304
BugTraq ID: 32964
http://www.securityfocus.com/bid/32964
http://security.gentoo.org/glsa/glsa-200812-20.xml
http://secunia.com/advisories/33258
XForce ISS Database: phpcollab-login-command-execution(47522)
https://exchange.xforce.ibmcloud.com/vulnerabilities/47522




© 1998-2025 E-Soft Inc. All rights reserved.