PCI scan failed: Limbo CMS arbitrary command execution on LSWS console port
For the past 7 or 8 weeks our PCI scanning service has been warning us of a vulnerability on the port we use for our web console listener:
A remote attacker could execute arbitrary commands, create or overwrite files, or view files or directories on the web server.
In addition to hosting HTML pages, most web servers host programs or applications, which perform various functions, possibly including content management, discussion forums, or access to a database system. These programs process input provided by a client through a web browser. Input is normally entered by the user into an HTML form, but can also be entered directly using a URL such as http://server/index.php?input=data.
the solution is there following the link you provided: http://www.securityfocus.com/bid/16902/solution
LimboCMS has released a cumulative patch to address this vulnerability. Please see the reference section for further details.
this is a php vulnerability of LimboCMS. You've to contact LimboCMS to get the patch yourself. it's not related web server.