CVE-2009-3365

2009-09-24T16:30:00
ID CVE-2009-3365
Type cve
Reporter cve@mitre.org
Modified 2017-09-19T01:29:00

Description

PHP remote file inclusion vulnerability in add-ons/modules/sysmanager/plugins/install.plugin.php in Aurora CMS 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the AURORA_MODULES_FOLDER parameter.