CVE-2010-4943
Saurus CMS 4.7.0 - Remote Code Execution via Class Path Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2010-4943. PoCs published by LoSt.HaCkEr.
AI-analyzed exploit summary This exploit demonstrates a Remote File Inclusion (RFI) vulnerability in SaurusCMSupdate4.7.0, allowing an attacker to include arbitrary remote files via the 'class_path' parameter in 'file.php' and 'com_del.php'. The vulnerability is due to insufficient input validation.
Description
Multiple PHP remote file inclusion vulnerabilities in Saurus CMS 4.7.0 allow remote attackers to execute arbitrary PHP code via a URL in the class_path parameter to (1) file.php or (2) com_del.php.
Exploits (1)
This exploit demonstrates a Remote File Inclusion (RFI) vulnerability in SaurusCMSupdate4.7.0, allowing an attacker to include arbitrary remote files via the 'class_path' parameter in 'file.php' and 'com_del.php'. The vulnerability is due to insufficient input validation.