Tuesday, November 9, 2010

eoCMS: Local File Inclusion (LFI) Vulnerability

Users of eoCMS please be advised of a Local File Inclusion vulnerability that has been identified.

To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

Amplify’d from www.criticalwatch.com
HTB22676: LFI in eoCMS
Product: eoCMS
Vulnerability Type: Local File Inclusion
Vulnerability Details:
The vulnerability exists due to failure in the "/index.php" script to properly sanitize user-supplied input in theme
variable.Read more at www.criticalwatch.com
 

No comments:

Post a Comment