RSS   Podatności dla 'Wonderedit pro cms'   RSS

2006-07-06
 
CVE-2006-3422

 

 
PHP remote file inclusion vulnerability in WonderEdit Pro CMS allows remote attackers to execute arbitrary PHP code via the config[template_path] parameter in user_bottom.php, as used by multiple templates including (1) rwb (template/rwb/user_bottom.php), (2) gwb (template/rwb/user_bottom.php, (3) blues, (4) bluwhi, and (5) grns.

 


Copyright 2024, cxsecurity.com

 

Back to Top