Vulnerabilities (CVE)

Filtered by vendor Orlando Cms Subscribe
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-2854 1 Orlando Cms 1 Orlando Cms 2024-02-04 7.5 HIGH N/A
Multiple PHP remote file inclusion vulnerabilities in Orlando CMS 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[preloc] parameter to (1) modules/core/logger/init.php and (2) AJAX/newscat.php.