Multiple PHP remote file inclusion vulnerabilities in Trionic Cite CMS 1.2 rev9 and previous versions allow remote malicious users to execute arbitrary PHP code via a URL in the bField[bf_data] parameter to (1) interface/editors/-custom.php or (2) interface/editors/custom.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
trionic cite cms 1.2_rev9 |