CVE-2007-6179 – Charrays CMS 0.9.3 - Multiple Remote File Inclusions

https://notcve.org/view.php?id=CVE-2007-6179

Multiple PHP remote file inclusion vulnerabilities in Charray's CMS 0.9.3 allow remote attackers to execute arbitrary PHP code via a URL in the ccms_library_path parameter to (1) markdown.php and (2) gallery.php in decoder/. Múltiples vulnerabilidades de inclusión remota de archivo en PHP en Charray's CMS 0.9.3 permite a atacantes remotos ejecutar código PHP de su elección mediante un URL en el parámetro ccms_library_path parameter a (1) markdown.php y (2) gallery.php en decoder/. • https://www.exploit-db.com/exploits/4672 http://osvdb.org/38912 http://osvdb.org/38913 http://secunia.com/advisories/27854 http://www.securityfocus.com/bid/26619 https://exchange.xforce.ibmcloud.com/vulnerabilities/38678 • CWE-20: Improper Input Validation •