PT-2006-5525 · Openi · Openi-Cms
Basher13
·
Publicado
2006-09-13
·
Atualizado
2017-10-19
·
CVE-2006-4750
CVSS v2.0
5.1
Média
| Vetor | AV:N/AC:H/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
OPENi-CMS version 1.0.1 and possibly earlier
Description
The issue allows remote attackers to execute arbitrary PHP code via a URL in the
config[openi dir] parameter in the openi-admin/base/fileloader.php file.Recommendations
For OPENi-CMS version 1.0.1 and possibly earlier, avoid using the
config[openi dir] parameter in the openi-admin/base/fileloader.php file until the issue is resolved.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Openi-Cms