CVE-2009-3760

Metadata

CVE-2009-3760
7.5
securenetwork.it, securitytracker.com, exploit-db.com, securityfocus.com, securityfocus.com, vupen.com
2009-10-22
2017-09-19 07:08

Description

Static code injection vulnerability in config/writeconfig.php in the sample code in the XenServer Resource Kit in Citrix XenCenterWeb allows remote attackers to inject arbitrary PHP code into include/config.ini.php via the pool1 parameter. NOTE: some of these details are obtained from third party information.

Related Vulnerabilities