CVE-2009-2331

Metadata

CVE-2009-2331
7.5
exploit-db.com
2009-07-05
2017-09-19 07:07

Description

Multiple static code injection vulnerabilities in CMS Chainuk 1.2 and earlier allow remote attackers to inject arbitrary PHP code (1) into settings.php via the menu parameter to admin_settings.php or (2) into a content/=NUMBER.php file via the title parameter to admin_new.php.

Related Vulnerabilities