CVE-2009-4156

PHP remote file inclusion vulnerability in modules/pms/index.php in Ciamos CMS 0.9.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the module_path parameter.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ciamos:ciamos_cms:*:*:*:*:*:*:*:*
cpe:2.3:a:ciamos:ciamos_cms:0.9:*:*:*:*:*:*:*
cpe:2.3:a:ciamos:ciamos_cms:0.9.2:*:*:*:*:*:*:*

History

No history.

Information

Published : 2009-12-02 17:30

Updated : 2024-02-28 11:21


NVD link : CVE-2009-4156

Mitre link : CVE-2009-4156

CVE.ORG link : CVE-2009-4156


JSON object : View

Products Affected

ciamos

  • ciamos_cms
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')