CVE-2009-2331
CVE-2009-2331 affects CMS Chainuk 1.2 and earlier. Two static code injection flaws permit remote PHP code execution: (1) settings.php via the menu parameter to admin_settings.php, and (2) a content/=NUMBER.php file via the title parameter to admin_new.php. Root cause: insecure handling of paramet...