Log1 CMS 'data.php' PHP Code Injection Vulnerability Network Vulnerability

Summary

Log1 CMS is prone to a remote PHP code-injection vulnerability. An attacker can exploit this issue to inject and execute arbitrary PHP code in the context of the affected application. This may facilitate a compromise of the application and the underlying system other attacks are also possible. Log1 CMS 2.0 is vulnerable other versions may also be affected.

References

http://www.securityfocus.com/bid/50523

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-4825

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

b2Evolution title SQL Injection
Apple Safari RSS Feed Information Disclosure Vulnerability
Adobe ColdFusion Multiple Vulnerabilities-01 May-2014
Admin Bot 'news.php' SQL Injection Vulnerability
4Images <= 1.7.1 Directory Traversal Vulnerability

Take action and discover your vulnerabilities