CVE-2009-2331

2009-07-05T16:30:00
ID CVE-2009-2331
Type cve
Reporter cve@mitre.org
Modified 2017-09-19T01:29:00

Description

Multiple static code injection vulnerabilities in CMS Chainuk 1.2 and earlier allow remote attackers to inject arbitrary PHP code (1) into settings.php via the menu parameter to admin_settings.php or (2) into a content/=NUMBER.php file via the title parameter to admin_new.php.