2 matches found
CVE-2006-5380
Contenido CMS suffers a remote file inclusion (RFI) vulnerability in CVE-2006-5380 via the contenido_path parameter to cms/dbfs.php or cms/front_content.php, enabling arbitrary PHP code execution. Note: CVE disputes this for version 4.6.15 where contenido_path is static. In practice, mitigation g...
CVE-2006-5380
Remote file inclusion vulnerability in Contenido CMS allows remote attackers to execute arbitrary PHP code via a URL in the contenidopath parameter to 1 cms/dbfs.php or 2 cms/frontcontent.php. NOTE: CVE disputes this issue for version 4.6.15, because $contenidopath is set to a static value...