BandSite CMS and SmartSite CMS (PHP based) Root File Inclusion Vulnerability Discovered

    Date: 06/21/06 (Java Web)    Keywords: cms, php

    Archit3ct and IR4DEX GROUP have discovered a vulnerability in SmartSiteCMS, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the “root” parameter in include/inc_foot.php is not properly verified before being used to include files. This can be exploited to execute arbitrary PHP code by including files from local or external [...]

    Source: http://blog.taragana.com/index.php/archive/bandsite-cms-and-smartsite-cms-php-based-root-file-inclusion-vulnerability-discovered/

« Magnolia CMS 3.0 Released -... || “H1-B Visa Holders... »
Search  •  Site Map  •  Set as Homepage  •  Add to Favourites  • 
antivirus | apache | asp | blogging | browser | bugtracking | cms | crm | css | database | ebay | ecommerce | google | hosting | html | java | jsp | linux | microsoft | mysql | offshore | offshoring | oscommerce | php | postgresql | programming | rss | security | seo | shopping | software | spam | spyware | sql | technology | templates | tracker | virus | web | xml | yahoo | home