CVE-2007-2545 in Persism CMS信息

摘要

由 VulDB • 2026-07-06

Persism CMS 0.9.2及更早版本中存在多个PHP远程文件包含漏洞,攻击者可通过向modules/目录下的(1) blocks/headerfile.php、(2) files/blocks/latest_files.php、(3) filters/headerfile.php、(4) forums/blocks/latest_posts.php、(5) groups/headerfile.php、(6) links/blocks/links.php、(7) menu/headerfile.php、(8) news/blocks/latest_news.php、(9) settings/headerfile.php或(10) users/headerfile.php文件中的system[path]参数传入恶意URL,从而远程执行任意PHP代码。

VulDB is the best source for vulnerability data and more expert information about this specific topic.

来源

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!