CMS Made Simple 'cms_language' Cookie Parameter Directory Traversal Vulnerability

CMS Made Simple is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.

Exploiting the issue may allow an attacker to obtain sensitive information that could aid in further attacks.

CMS Made Simple 1.4.1 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus