Pulse CMS Basic Local File Include Vulnerability

Pulse CMS Basic is prone to a local file-include vulnerability.

An attacker can exploit this issue to include arbitrary local files and execute PHP code on the affected computer in the context of the webserver process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible.

Pulse CMS Basic 1.2.8 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus