Summary
ezContents is an Open-Source website content management system based on PHP and MySQL. Features include maintaining menus and sub-menus, adding authors that write contents, permissions, workflow, and layout possibilities for the entire look of the site by simple use of settings.
The product has been found to contain a vulnerability that would allow a remote attacker to cause the PHP script to include an external PHP file and execute its content. This would allow an attacker to cause the server to execute arbitrary code.
Severity
Classification
-
CVE CVE-2004-0070 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apache Struts2 Showcase Arbitrary Java Method Execution vulnerability
- ASUS RT56U Router Multiple Vulnerabilities
- ASP-Dev XM Event Diary Multiple Vulnerabilities
- AlienVault Open Source SIEM (OSSIM) 'timestamp' Parameter Directory Traversal Vulnerability
- Artmedic Kleinanzeigen File Inclusion Vulnerability