CVE-2006-4349
ToendaCMS 1.0.3 and earlier is affected by a PHP remote file inclusion vulnerability. The issue allows a remote attacker to execute arbitrary PHP code by supplying a URL in the tcms_administer_site parameter to an unspecified script, probably index.php. Some sources dispute that tcms_administer_s...