CVE-2010-1922
Severity CVSS v4.0:
Pending analysis
Type:
CWE-94
Code Injection
Publication date:
12/05/2010
Last modified:
10/10/2018
Description
Multiple PHP remote file inclusion vulnerabilities in 29o3 CMS 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the LibDir parameter to (1) lib/page/pageDescriptionObject.php, and (2) layoutHeaderFuncs.php, (3) layoutManager.php, and (4) layoutParser.php in lib/layout/.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:29o3_cms:29o3_cms:0.1:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page