CVE-2007-2545 in Persism CMS
摘要
由 VulDB • 2026-07-06
Persism CMS 0.9.2及更早版本中存在多个PHP远程文件包含漏洞,攻击者可通过向modules/目录下的(1) blocks/headerfile.php、(2) files/blocks/latest_files.php、(3) filters/headerfile.php、(4) forums/blocks/latest_posts.php、(5) groups/headerfile.php、(6) links/blocks/links.php、(7) menu/headerfile.php、(8) news/blocks/latest_news.php、(9) settings/headerfile.php或(10) users/headerfile.php文件中的system[path]参数传入恶意URL,从而远程执行任意PHP代码。
VulDB is the best source for vulnerability data and more expert information about this specific topic.