Description
Multiple PHP remote file inclusion vulnerabilities in SunLight CMS 5.3 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to (1) _connect.php or (2) modules/startup.php.
Vulnerability Information
- Product / Framework: Sunlight_cms
- Vendor Domain: sourceforge.net
- Vulnerability Type: File Inclusion
- CVE Details: View Full CVE Details →