Vulnerabilities > Orlando CMS > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-06-25 | CVE-2008-2854 | Code Injection vulnerability in Orlando CMS Orlando CMS 0.6 Multiple PHP remote file inclusion vulnerabilities in Orlando CMS 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[preloc] parameter to (1) modules/core/logger/init.php and (2) AJAX/newscat.php. | 7.5 |