This module exploits a lack of data sanitization when passed to the "mydirname" parameter in specific modules of XOOP web application. This can be exploited to inject and execute arbitrary PHP code to deploy an agent. Successful exploitation requires that "register_globals" is enabled.
CVE Link
Exploit Type - Old
Exploits/Remote
Product Name