This vulnerability has been modified since it was last analyzed by the NVD. It is awaiting reanalysis which may result in further changes to the information provided.
** DISPUTED ** PHP remote file inclusion vulnerability in index.php in the Virii Info 1.10 and earlier module for Xoops allows remote attackers to execute arbitrary PHP code via a URL in the xoopsConfig[root_path] parameter. NOTE: the issue has been disputed by a reliable third party, stating that the application's checkSuperglobals function defends against the attack.
CVSS 3.x Severity and Metrics:
NVD score not yet provided.
CVSS 2.0 Severity and Metrics: