RSS   Vulnerabilities for 'Klinza professional cms'   RSS

2009-12-07
 
CVE-2009-4216

CWE-22
 

 
Directory traversal vulnerability in funzioni/lib/menulast.php in klinza professional cms 5.0.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG parameter.

 
2006-10-10
 
CVE-2006-5189

 

 
PHP remote file inclusion vulnerability in funzioni/lib/show_hlp.php in klinza professional cms 5.0.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the appl[APPL] parameter.

 


Copyright 2019, cxsecurity.com

 

Back to Top