PHPWCMS Wcs_User_Lang Local File Include Vulnerability

PHPWCMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.

Exploiting this issue may allow an unauthorized user to view files and execute local scripts.

PHPWCMS 1.2.6 and prior versions are vulnerable to this issue; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus