4 matches found
CVE-2011-0518
Directory traversal vulnerability in core/lib/router.php in LotusCMS Fraise 3.0, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via the system parameter to index.php...
Directory traversal
Directory traversal vulnerability in core/lib/router.php in LotusCMS Fraise 3.0, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via the system parameter to index.php...
CVE-2011-0518
Directory traversal vulnerability in core/lib/router.php in LotusCMS Fraise 3.0, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via the system parameter to index.php...
CVE-2011-0518
LotusCMS 3.0 Fraise is affected by a remote code execution vulnerability tied to its Router() function. An attacker can pass PHP code via the page parameter (or system parameter abuse) and trigger an eval/remote code execution through core/lib/router.php, allowing local file inclusion or code exe...