PT-2007-7380 · Runcms · Runcms

Alexandr Polyakov +1

Published 2007-12-28 · Updated 2018-10-15 · CVE-2007-6548

CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: RunCMS versions prior to 1.6.1

Description: RunCMS before 1.6.1 allows remote authenticated administrators to inject arbitrary PHP code through several module parameters, including the header and footer parameters of modules/system/admin.php, disclaimer parameters in various modules, and the intro parameter of modules/sections/admin/index.php. The supplied values are written unescaped into PHP cache files under the modules directory; because the application later loads those cache files, an attacker who can edit these settings can make the web server execute arbitrary PHP code. Note that the CVSS vector above records Au:N although the attack as described requires an administrator account.

Recommendations: For RunCMS versions prior to 1.6.1, update to version 1.6.1 or later, which resolves the issue. Until the update is applied, limit exposure: restrict administrator access to modules/system/admin.php and modules/sections/admin/index.php (for example, to trusted addresses), avoid changing the header, footer, disclaimer and intro settings, and make the cache files under the modules directory non-writable by the web server account, or at least review them for unexpected PHP code. A non-writable cache can break legitimate cache regeneration, so test that restriction before applying it in production.
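The following PHP is an added illustration written for this page, not RunCMS code. It shows the pattern the description refers to (an admin-supplied setting pasted verbatim into a PHP cache file that the application later includes), two ways of writing the cache so the value can no longer become code, and a small audit helper for the workaround in the recommendations that flags cache files containing function calls. The function names, the example settings and the payload string are constructed for the example; the real RunCMS file layout and parameter handling are not reproduced.

```php
<?php
// Added illustration (not RunCMS code): how an admin-controlled setting such as
// the "header" value becomes code when it is written into a PHP cache file, and
// how to write the same cache without that risk. Names and paths are hypothetical.

// Constructed attacker input: closes the string literal, appends PHP, and
// comments out the remainder of the generated line.
$payload = "Welcome'; system(\$_GET['cmd']); // ";

// VULNERABLE pattern: the value is interpolated verbatim into PHP source that
// the application will later include().
function build_cache_vulnerable(array $settings): string
{
    $out = "<?php\n";
    foreach ($settings as $name => $value) {
        $out .= "\$$name = '$value';\n";
    }
    return $out;
}

// HARDENED pattern 1: still a PHP file, but every value goes through
// var_export(), which emits a correctly quoted and escaped literal, so quote
// characters in the input cannot terminate it. Setting names are restricted to
// a strict identifier pattern so they cannot smuggle code either.
function build_cache_hardened(array $settings): string
{
    $out = "<?php\n";
    foreach ($settings as $name => $value) {
        if (!preg_match('/^[a-z_][a-z0-9_]*$/', $name)) {
            throw new InvalidArgumentException("bad setting name: $name");
        }
        $out .= '$' . $name . ' = ' . var_export((string) $value, true) . ";\n";
    }
    return $out;
}

// HARDENED pattern 2 (preferred): do not write code at all. Store the settings
// as JSON and read them back with json_decode(); nothing in the cache is ever
// executed, whatever it contains.
function build_cache_json(array $settings): string
{
    return json_encode($settings, JSON_THROW_ON_ERROR | JSON_PRETTY_PRINT);
}

function load_cache_json(string $blob): array
{
    return json_decode($blob, true, 512, JSON_THROW_ON_ERROR);
}

// Audit helper for the workaround in the advisory: flag PHP cache files that
// contain anything beyond plain assignments, e.g. eval(), system(), backticks
// or variable variables. Call with a module cache directory such as
// modules/system/cache (hypothetical path).
function find_suspicious_cache_files(string $dir): array
{
    $hits = [];
    foreach (glob(rtrim($dir, '/') . '/*.php') ?: [] as $file) {
        $src = file_get_contents($file);
        if (preg_match('/\b(eval|system|exec|passthru|shell_exec|assert)\s*\(|`|\$\$/i', $src)) {
            $hits[] = $file;
        }
    }
    return $hits;
}

$settings = ['header' => $payload, 'footer' => 'Copyright'];

echo "--- vulnerable cache file ---\n", build_cache_vulnerable($settings), "\n";
// The header line comes out as:  $header = 'Welcome'; system($_GET['cmd']); // ';
// which is a working web shell once the file is included.

echo "--- var_export cache file ---\n", build_cache_hardened($settings), "\n";
// The header line comes out as:  $header = 'Welcome\'; system($_GET[\'cmd\']); // ';
// which is just a string.

echo "--- JSON cache ---\n", build_cache_json($settings), "\n";
// Round trip: the stored value is returned unchanged and never executed.
assert(load_cache_json(build_cache_json($settings))['header'] === $payload);
```

The var_export() variant is the minimal fix for code that must keep producing PHP cache files; the JSON variant removes the problem class entirely and is what a new design should use. Neither replaces the vendor update to 1.6.1, which is the only fix the advisory supports.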

Exploit

Fix

Weakness Enumeration

Code Injection

Related Identifiers

CVE-2007-6548

Affected Products

Runcms