Multiple PHP remote file inclusion vulnerabilities in Segue CMS 1.5.9 and previous versions, when magic_quotes_gpc is enabled, allow remote malicious users to execute arbitrary PHP code via a URL in the theme parameter to (1) themesettings.php or (2) index.php, a different vector than CVE-2006-5497. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
middlebury college segue cms 1.5.8 |
||
middlebury college segue cms |
||
middlebury college segue cms 1.3.5 |
||
middlebury college segue cms 1.5.7 |