Zanfi Solutions: >> Zanfi Cms Lite >> 1.1 Security Vulnerabilities
PHP remote file inclusion vulnerability in index.php in Zanfi CMS lite 1.1 allows remote attackers to execute arbitrary PHP code via the inc parameter.
CVSS Score
5.0
EPSS Score
0.008
Published
2004-12-31
Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of the web server via direct requests without required arguments to (1) adm_pages.php, (2) corr_pages.php, (3) del_block.php, (4) del_page.php, (5) footer.php, (6) home.php, and others.
CVSS Score
5.0
EPSS Score
0.013
Published
2004-12-31