Comsenz SupeSite CMS Arbitrary Code Execution Security Vulnerabilities Exploit Title: Comsenz SupeSite CMS Arbitrary Code Execution Security Vulnerabilities Product: SupeSite CMS (Content Management System) Vendor: Comsenz Vulnerable Versions: 6.0.1UC 7.0 Tested Version: 7.0 Advisory Publication: Feb 25, 2015 Latest Update: Feb 25, 2015 Vulnerability Type: Improper Control of Generation of Code (‘Code Injection’) […]
Arbitrary Code Execution Vulnerability
Code injection is the exploitation of a computer bug that is caused by processing invalid data. Code injection can be used by an attacker to introduce (or “inject”) code into a computer program to change the course of execution. The results of a code injection attack can be disastrous. For instance, code injection is used by some computer worms to propagate.