CVE-2010-3204

Name of the Vulnerable Software and Affected Versions Pecio CMS version 2.0.5

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the template parameter to various PHP files, including "post.php", "article.php", "blog.php", and "home.php" in the "pec templates/nova-blue/" directory.

Recommendations For Pecio CMS version 2.0.5, consider disabling access to the "pec templates/nova-blue/" directory or restricting the template parameter in the affected PHP files until a patch is available. Avoid using the template parameter in the affected API endpoints until the issue is resolved.