2 matches found
Web Servers BurnCMS Remote File Inclusion (CVE-2007-2364)
A Remote File Inclusion vulnerability has been reported in BurnCMS. The vulnerability is due to lack of sanitization for user-supplied data. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system. This protection was previously...
CVE-2007-2364
Affected software. BurnCMS 0.2 and earlier. Vulnerability. Multiple PHP remote file inclusion vulnerabilities allow arbitrary PHP code execution when a URL is provided in the root parameter to (1) lib/db/mysql.class.php or (2) lib/db/postgres.class.php, or (3) lib/authuser.php, (4) lib/misc.php, ...