CMS Mini 'view/index.php' Multiple Local File Include Vulnerabilities

info
discussion
exploit
solution
references

CMS Mini 'view/index.php' Multiple Local File Include Vulnerabilities

CMS Mini is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input.

An attacker can exploit these issues using directory-traversal strings to view local files in the context of the webserver process. This may aid in further attacks.

CMS Mini 0.2.2 is vulnerable; other versions may also be affected.