vendor:
AB WEB CMS
by:
Dr.0rYX and Cr3w-DZ
9.3
CVSS
HIGH
Multiple Remote Vulnerabilities
94
CWE
Product Name: AB WEB CMS
Affected Version From: 1.35
Affected Version To: 1.35
Patch Exists: YES
Related CWE: CVE-2009-4010
CPE: cpe:a:ab_web_cms:ab_web_cms
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, Linux, Mac
2009
AB WEB CMS V.1.35 Multiple Remote Vulnerabilities
AB WEB CMS version 1.35 is vulnerable to multiple remote vulnerabilities. The vulnerabilities are caused due to the improper validation of user-supplied input in the 'index.php' script. This can be exploited to execute arbitrary PHP code by sending a specially crafted HTTP request to the vulnerable script.
Mitigation:
Upgrade to the latest version of AB WEB CMS