Security Advisory

CVE-2008-2854

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2008-06-25 10:00:00

Last updated 2024-08-07 09:14:15

Assigner mitre

State PUBLISHED

Description

Multiple PHP remote file inclusion vulnerabilities in Orlando CMS 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[preloc] parameter to (1) modules/core/logger/init.php and (2) AJAX/newscat.php.

← Browse all CVEs View on cve.org ↗