Security Advisory

CVE-2009-3814

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2009-10-27 16:00:00

Last updated 2024-09-17 02:36:20

Assigner mitre

State PUBLISHED

Description

Static code injection vulnerability in RunCMS 2M1 allows remote authenticated administrators to execute arbitrary PHP code via the "Filter/Banning" feature, as demonstrated by modifying modules/system/cache/bademails.php using the "Prohibited: Emails" action, and other unspecified filters.

← Browse all CVEs View on cve.org ↗