CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Orlando Cms: >> Orlando Cms >> 0.6 Security Vulnerabilities

CVE-2008-2854

Multiple PHP remote file inclusion vulnerabilities in Orlando CMS 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[preloc] parameter to (1) modules/core/logger/init.php and (2) AJAX/newscat.php.

CVSS Score

7.5

EPSS Score

0.015

Published

2008-06-25

Page 1

Vulnerabilities

Vulnerable Software

Orlando Cms: >> Orlando Cms >> 0.6 Security Vulnerabilities

Products

Pricing

Contact Us