2 matches found
CVE-2009-1519
Pecio CMS 1.1.5 is affected; the vulnerability is in index.php where the language parameter can be manipulated with a .. sequence to read arbitrary files (directory traversal). The connected documents do not provide exploit details or a remediation/version fix.
CVE-2010-3204
Pecio CMS 2.0.5 is affected by multiple remote file inclusion vulnerabilities. The issue allows an attacker to cause arbitrary PHP code execution by supplying a crafted URL in the template parameter to one of four scripts (post.php, article.php, blog.php, or home.php) under pec_templates/nova-blu...