Etomite Content Management System 0.6, and possibly earlier versions, when downloaded from the web site in January 2006 after January 10, contains a back door in manager/includes/todo.inc.php, which allows remote malicious users to execute arbitrary commands via the "cij" parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
etomite etomite |