VYPR
Unrated severityNVD Advisory· Published Aug 24, 2005· Updated Jun 16, 2026

CVE-2005-2691

CVE-2005-2691

Description

includes/common.php in RunCMS 1.2 and earlier calls the extract function with EXTR_OVERWRITE on HTTP POST variables, which allows remote attackers to overwrite arbitrary variables, possibly allowing execution of arbitrary code.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • Runcms/Runcms4 versions
    cpe:2.3:a:runcms:runcms:1.1:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:runcms:runcms:1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:runcms:runcms:1.1a:*:*:*:*:*:*:*
    • cpe:2.3:a:runcms:runcms:1.2:*:*:*:*:*:*:*
    • (no CPE)range: <=1.2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.