Description
PHP remote file inclusion in eventcal/mod_eventcal.php in the event module 1.0 for Limbo CMS allows remote attackers to execute arbitrary PHP code via a URL in the lm_absolute_path parameter.
Vulnerability Information
- Product / Framework: Limbo_cms
- Vendor Domain: sourceforge.net
- Vulnerability Type: File Inclusion
- CVE Details: View Full CVE Details →