Sciurus : Security Vulnerabilities, CVEs,
Direct static code injection vulnerability in acp/savenews.php in Sciurus Hosting Panel, possibly 2.0.3, allows remote attackers to inject arbitrary PHP code via the filecontents parameter, which can be executed by accessing includes/news.php.
Max CVSS
9.3
EPSS Score
12.40%
Published
2007-11-22
Updated
2018-10-15
1 vulnerabilities found