MiniCMS Multiple Remote PHP Code Injection Vulnerabilities Network Vulnerability

Summary

miniCMS is prone to multiple vulnerabilities that attackers can leverage to execute arbitrary PHP code because the application fails to adequately sanitize user-supplied input. Successful attacks can compromise the affected application and possibly the underlying computer. miniCMS 1.0 and 2.0 are vulnerable other versions may also be affected.

References

http://sourceforge.net/projects/mini-cms/files/mini-cms/
http://www.securityfocus.com/bid/51612

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Arkeia Appliance Path Traversal Vulnerability
Allegro RomPager `Misfortune Cookie` Vulnerability
Adobe ColdFusion Multiple Vulnerabilities-01 May-2014
AlienVault Open Source SIEM (OSSIM) 'timestamp' Parameter Directory Traversal Vulnerability
Apache Solr XML External Entity(XXE) Vulnerability-02 Jan-14

miniCMS Multiple Remote PHP Code Injection Vulnerabilities

Take action and discover your vulnerabilities