Google Search: “powered by runcms” -runcms.com -runcms.org
rgod rates this entry 10 out of 10.
Submitted: 2006-02-09 00:00:00
Added by: rgod
“powered by runcms” -runcms.com -runcms.org all versions <=1.2 are vulnerable to an arbitrary remote inclusion, this is more specific for the versions I tested: "powered by runcms (1.1)|(1.2)" -runcms.com -runcms.org however all versions <= 1.3a, trough FCKEditor, let a user to upload a .php5, .php3 or .inc file see the exploits: http://retrogod.altervista.org/runcms_13a_xpl.html http://retrogod.altervista.org/fckeditor_22_xpl.html