header-logo
Suggest Exploit
vendor:
ReloadCMS
by:
Unknown
7.5
CVSS
HIGH
Local File Include
98
CWE
Product Name: ReloadCMS
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: Unknown
Related CWE: Unknown
CPE: a:reloadcms:reloadcms
Metasploit:
Other Scripts:
Platforms Tested: Unknown
Unknown

Local File Include Vulnerability in ReloadCMS

ReloadCMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to execute local scripts or to view arbitrary files that may contain sensitive information that can aid in further attacks.

Mitigation:

To mitigate this vulnerability, it is recommended to sanitize user input before including files and to implement proper access controls to restrict unauthorized file access.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/26143/info

ReloadCMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.

Exploiting this issue may allow an unauthorized user to execute local scripts or to view arbitrary files that may contain sensitive information that can aid in further attacks. 

http://www.example.com/index.php?module=../../../../etc/passwd

Navigation

Suggest Exploit

Services By CQR