CVE-2009-3056

Description

PHP remote file inclusion vulnerability in include/engine/content/elements/menu.php in KingCMS 0.6.0 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[AdminPath] parameter.

Affected products

• bas_bloemsaat / kingcms0.6.0 – 0.6.0

References

• EXPLOIThttp://www.exploit-db.com/exploits/9566