Bodgan Calin of Acunetix has warned that the e107 content management system may contain a backdoor.

"[The] file class2.php contains the line if(md5($_COOKIE['access-admin']) == "cf1afec15669cb96f09befb7d70f8bcb") , which defines a static cookie," according to The H Security. "Further code checks whether the cookie has been transferred and then executes commands passed using POST requests in the shell. It is not clear how the backdoor has found its way into the code and the find has not yet been confirmed by other sources."

"Users who have already installed version 0.7.17 should check the class2.php file and remove the offending lines if present," the article states.

Click here to read the article at The H Security.