MiniCMS Multiple Remote PHP Code Injection Vulnerabilities Network Vulnerability

Summary

miniCMS is prone to multiple vulnerabilities that attackers can leverage to execute arbitrary PHP code because the application fails to adequately sanitize user-supplied input. Successful attacks can compromise the affected application and possibly the underlying computer. miniCMS 1.0 and 2.0 are vulnerable other versions may also be affected.

References

http://sourceforge.net/projects/mini-cms/files/mini-cms/
http://www.securityfocus.com/bid/51612

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

AWStats configdir parameter arbitrary cmd exec
Acute Control Panel SQL Injection Vulnerability and Remote File Include Vulnerability
ASAS Server End User Self Service (EUSS) SQL Injection Vulnerability
b2ePMS Multiple SQL Injection Vulnerabilities
AlienVault OSSIM SQL Injection and Remote Code Execution Vulnerabilities

miniCMS Multiple Remote PHP Code Injection Vulnerabilities

Take action and discover your vulnerabilities