
Attack: LotusCMS PHP Code Execution

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.


This signature detects an attempt to exploit a PHP code execution vulnerability in the LotusCMS application.

Additional Information

A PHP code execution vulnerability affects the application because it fails to sanitize user-supplied input to the 'page' parameter of the 'index.php' script in the 'Router()' function. This issue affects the 'eval()' function of the 'core/lib/router.php' script. Successful exploitation of this issue requires that 'magic_quotes_gpc' is disabled.

An attacker can exploit this issue to inject and execute arbitrary malicious PHP code in the context of the affected application. This may facilitate a compromise of the application and the underlying system. Other attacks are possible; however, these require 'stats' to be public.
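The following is an added example, not Symantec's signature or LotusCMS code: a log check that flags requests whose 'page' parameter is not a plain identifier, which is the shape of input the unsanitized 'eval()' path described above should never receive. The allowlist pattern, the common-log format, the treatment of '/' as 'index.php' and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: legitimate 'page' values are short identifiers (letters, digits, '_', '-').
SAFE_PAGE = re.compile(r"[A-Za-z0-9_-]{1,64}")
# Request field of a common/combined-format access-log line.
REQUEST = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')


def suspicious_page_values(log_line):
    """Return decoded 'page' values in one log line that fail the allowlist."""
    m = REQUEST.search(log_line)
    if not m:
        return []
    url = urlsplit(m.group("target"))
    # Assumption: '/' is served by index.php (directory index), so check it too.
    if not (url.path.endswith("index.php") or url.path.endswith("/")):
        return []
    params = parse_qs(url.query, keep_blank_values=True)  # percent-decodes values
    return [v for v in params.get("page", []) if not SAFE_PAGE.fullmatch(v)]


def scan(lines):
    """Return (line_number, client_ip, decoded_value) for every flagged request."""
    hits = []
    for n, line in enumerate(lines, 1):
        for value in suspicious_page_values(line):
            hits.append((n, line.split()[0], value))
    return hits


# Constructed sample log lines (documentation IP ranges, harmless values).
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Jan/2020:10:00:01 +0000] "GET /index.php?page=about HTTP/1.1" 200 5120',
    '203.0.113.9 - - [01/Jan/2020:10:00:05 +0000] "GET /index.php?page=about%27 HTTP/1.1" 200 312',
    '198.51.100.7 - - [01/Jan/2020:10:00:09 +0000] "GET /style.css?page=a%27 HTTP/1.1" 200 880',
    '203.0.113.9 - - [01/Jan/2020:10:00:12 +0000] "GET /?lang=en&page=news%28%29 HTTP/1.1" 200 312',
]

if __name__ == "__main__":
    for line_no, client, value in scan(SAMPLE_LOG):
        print(f"line {line_no}: {client} sent non-identifier page value {value!r}")
```

Access logs normally record only the query string, so a 'page' value sent in a request body is not visible to this check.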


  • LotusCMS 3.0.3
  • LotusCMS 3.0.5
