Tuesday, September 21, 2010

Free Simple CMS: path sanitization errors

Users of Free Simple CMS, please be advised that a vulnerability caused by path sanitization errors has been identified.

To view this vulnerability, possible remedies, and other advisories, please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx).

Amplify’d from www.criticalwatch.com
oCERT-2010-003: [oCERT-2010-003] Free Simple CMS path sanitization errors
Description:

Free Simple CMS, an open source content management system, suffers from remote file inclusion vulnerabilities.

Insufficient path sanitization on several query string parameters leads to inclusion of arbitrary files from remote sources, this could be exploited to execute arbitrary command or code.
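For anyone running the CMS who wants to check their web server logs for this pattern, here is an added example (not part of the original post or the advisory) that flags query string parameters whose decoded value is a remote URL. The log format, parameter names, paths and hosts are assumptions made up for the illustration; the advisory excerpt does not name the affected parameters.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# A parameter value that starts with a remote URL scheme. A parameter that
# feeds a file include should never look like this.
REMOTE_URL = re.compile(r"^\s*(?:https?|ftps?)://", re.IGNORECASE)
# Client address and request target of a common/combined-format log line.
LOG_LINE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def remote_include_attempts(log_line):
    """Return [(client, param, decoded_value)] for one access log line."""
    m = LOG_LINE.match(log_line)
    if not m:
        return []
    client, target = m.groups()
    hits = []
    # parse_qsl percent-decodes once; decode a second time so that
    # double-encoded values (%253A for ':') are also examined.
    for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        for candidate in (value, unquote(value)):
            if REMOTE_URL.match(candidate):
                hits.append((client, name, candidate))
                break
    return hits

def scan(lines):
    """Flatten the per-line findings for a whole log."""
    return [hit for line in lines for hit in remote_include_attempts(line)]

# Constructed sample entries; parameter names, paths and hosts are hypothetical.
SAMPLE_LOG = [
    '192.0.2.10 - - [21/Sep/2010:10:00:01 +0000] "GET /index.php?page=home HTTP/1.1" 200 5120',
    '192.0.2.44 - - [21/Sep/2010:10:00:07 +0000] "GET /index.php?page=http%3A%2F%2Fexample.invalid%2Fa.txt HTTP/1.1" 200 312',
    '192.0.2.44 - - [21/Sep/2010:10:00:09 +0000] "GET /index.php?lang=en&page=HTTP%253A%252F%252Fexample.invalid%252Fa.txt HTTP/1.1" 200 312',
    '192.0.2.77 - - [21/Sep/2010:10:01:30 +0000] "GET /search.php?q=see+http://example.invalid HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for client, param, value in scan(SAMPLE_LOG):
        print(f"{client} param={param} value={value}")
```

The last sample line is deliberately benign: a free-text search that merely mentions a URL is not flagged, because only values that begin with a URL scheme are reported.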