NuytsTech Security

CVE-2008-7183

by ·

PHP remote file inclusion vulnerability in eva/index.php in EVA CMS 2.3.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the eva[caminho] parameter to index.php.

Date published : 2009-09-08

http://www.securityfocus.com/bid/29954

http://packetstorm.linuxsecurity.com/0806-exploits/evacms-rfi.txt

Tags: