TellTargetCMS Multiple Remote File Include Vulnerabilities

The vendor states that, under normal circumstances, the affected scripts are outside of the webserver document root and are therefore inaccessible from a web browser.

For instances where the scripts are accessible, the vendor suggests adding an '.htaccess' file containing the following information to the 'phplib' directory:

RewriteEngine On
RewriteRule (.*) http://%{SERVER_NAME}


Privacy Statement
Copyright 2010, SecurityFocus