Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Limbo CMS <= Multiple Vulnerabilitiesa



The remote host is vulnerable to multiple attack vectors.


The remote host is running the Limbo Content Management System (CMS). This version of Limbo is vulnerable to a flaw where remote attackers can include arbitrary code within HTTP requests. By using such a tactic, the remote attacker can execute arbitrary code with the permissions of the remote web server. In addition, the remote host is vulnerable to a SQL Injection attack. An attacker exploiting this flaw would send a malformed HTTP query to the server that would, upon parsing, cause the web server to execute arbitrary SQL commands on the backend database server.


No solution is known at this time.