CVE-2009-3424
CVE-2009-3424 affects MaxCMS 3.11.20b: multiple remote file inclusion vulnerabilities when register_globals is enabled. An attacker can cause arbitrary PHP code execution by supplying URLs in a set of 34 parameters across various files (e.g., includes/InstantSite/inc.is_root.php; classes/...php; ...