Summary
Global Content Blocks is prone to multiple security vulnerabilities, including a remote PHP code-execution vulnerability and multiple information- disclosure vulnerability.
Successful exploits of these issues may allow remote attackers to execute arbitrary malicious PHP code in the context of the application or obtain potentially sensitive information.
Global Content Blocks 1.5.1 is vulnerable
other versions may also
be affected.
Solution
Updates are available. Please see the references for details.
References
Severity
Classification
-
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Alchemy Eye HTTP Command Execution
- Apache Struts2 'URL' & 'Anchor' tags Arbitrary Java Method Execution Vulnerabilities
- A Really Simple Chat Multiple SQL Injection Vulnerabilities
- Apache Struts ClassLoader Manipulation Vulnerabilities
- Apache Struts2 Showcase Arbitrary Java Method Execution vulnerability