LotusCMS Multiple PHP Code Execution Vulnerabilities

LotusCMS is prone to multiple PHP code-execution vulnerabilities.

An attacker can exploit these issues to inject and execute arbitrary malicious PHP code in the context of the affected application. This may facilitate a compromise of the application and the underlying system. Other attacks are possible, however, this requires 'stats' to be public.

LotusCMS 3.0.3 and 3.0.5 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus