NuytsTech Security

CVE-2008-2396

by ·

PHP remote file inclusion vulnerability in index.php in Wajox Software microSSys CMS 1.5 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in an arbitrary element of the PAGES array parameter.

Date published : 2008-05-21

http://www.securityfocus.com/bid/29278

https://www.exploit-db.com/exploits/5651

Tags: