PHP remote file inclusion vulnerability in wwwdev/nxheader.inc.php in N/X 2002 Professional Edition Web Content Management System (WCMS) 4.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the c[path] parameter.
CVSS Vector
AV:N/AC:H/Au:N/C:P/I:P/A:PNx N X Wcms
APPNx2002_prerelease1≤ 4.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Related vulnerabilities
CVE-2007-2199MEDIUM6.8ten sam produkt
PHP remote file inclusion vulnerability in lib/pcltar.lib.php (aka pcltar.php) in the PclTar module 1.3 and 1....
CVE-2026-48027CRITICAL9.3⚠ KEVPL ✓ten sam vendor
Nx Console — złośliwa wersja 18.95.0 zawierająca wbudowane złośliwe oprogramowanie (CWE-506)
CVE-2003-1251HIGH7.5ten sam vendor
The (1) menu.inc.php, (2) datasets.php and (3) mass_operations.inc.php (mistakenly referred to as mass_opeatio...