cpie.php in XCMS 1.83 and earlier sends a redirect to the web browser but does not exit, so the script keeps executing after the redirect. This allows remote attackers to conduct direct static code injection attacks and execute arbitrary code via the testo_0 parameter in a cpie admin action to index.php, which writes to dati/generali/footer.dtb (aka the XCMS footer).
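
An added example, not XCMS code and not part of the original advisory: a heuristic Python audit check that flags PHP `header("Location: ...")` redirects not immediately followed by `exit`, `die` or `return`, which is the flaw described above. The sample PHP, including the `save_footer` helper and variable names, is constructed for illustration.

```python
import re

# A PHP header() call that sets a Location redirect.
REDIRECT = re.compile(r"header\s*\(\s*['\"]\s*Location\s*:", re.IGNORECASE)
# Whitespace and PHP comments that may sit between two statements.
SKIP = re.compile(r"(?:\s|//[^\n]*|#[^\n]*|/\*.*?\*/)*", re.DOTALL)
# Statements that stop the script (or leave the function) after the redirect.
TERMINATOR = re.compile(r"(exit|die|return)\b", re.IGNORECASE)

def statement_end(src, i):
    """Index just past the ';' ending the statement at i, ignoring ';' in strings."""
    quote = None
    while i < len(src):
        c = src[i]
        if quote:
            if c == "\\":
                i += 1            # skip the escaped character
            elif c == quote:
                quote = None
        elif c in "'\"":
            quote = c
        elif c == ";":
            return i + 1
        i += 1
    return len(src)

def find_unterminated_redirects(src):
    """Return 1-based line numbers of redirects with no exit/die/return right after."""
    findings = []
    for m in REDIRECT.finditer(src):
        nxt = SKIP.match(src, statement_end(src, m.start())).end()
        if not TERMINATOR.match(src, nxt):
            findings.append(src.count("\n", 0, m.start()) + 1)
    return findings

# Constructed sample: the first redirect falls through to the write, the second is safe.
SAMPLE = '''<?php
// constructed sample, not XCMS source
if (!$is_admin) {
    header("Location: http://example.test/index.php");
}
save_footer($_POST['testo_0']); // hypothetical helper; still runs for non-admins

if (!$is_admin) {
    header('Location: index.php'); // bounce
    exit;
}
'''

if __name__ == "__main__":
    for line in find_unterminated_redirects(SAMPLE):
        print(f"line {line}: redirect without exit, code below it still executes")
```

The check is a text heuristic, so each hit needs manual review; a redirect that is the last statement of a file is also reported.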
Vulnerable Product |
---|
xcms xcms |