WorkSimple Information Disclosure Vulnerability and Remote File Include Vulnerability

WorkSimple Information Disclosure Vulnerability and Remote File Include Vulnerability

WorkSimple is prone to two remote security vulnerabilities:

1. An information-disclosure vulnerability occurs because the application fails to protect sensitive information.

2. A remote file-include vulnerability occurs because the application fails to sufficiently sanitize user-supplied data.

Exploiting these issues may allow an attacker to compromise the application and the underlying computer; other attacks are also possible.

WorkSimple 1.2.1 is vulnerable; other versions may also be affected.