Multiple PHP remote file inclusion vulnerabilities in 29o3 CMS 0.1 allow remote malicious users to execute arbitrary PHP code via a URL in the LibDir parameter to (1) lib/page/pageDescriptionObject.php, and (2) layoutHeaderFuncs.php, (3) layoutManager.php, and (4) layoutParser.php in lib/layout/.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
29o3 cms 29o3 cms 0.1 |