CVE-2005-2691

2005-08-24T04:00:00
ID CVE-2005-2691
Type cve
Reporter cve@mitre.org
Modified 2008-09-05T20:52:00

Description

includes/common.php in RunCMS 1.2 and earlier calls the extract function with EXTR_OVERWRITE on HTTP POST variables, which allows remote attackers to overwrite arbitrary variables, possibly allowing execution of arbitrary code.