vendor:
1024 CMS
by:
Digital Security Research Group [DSecRG]
7.5
CVSS
HIGH
Multiple Remote/Local File Include
98
CWE
Product Name: 1024 CMS
Affected Version From: 1.4.2003
Affected Version To: 1.4.4 RFC
Patch Exists: NO
Related CWE: N/A
CPE: 1024 CMS
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008
DSECRG-08-027
1024 CMS has Remote File Include vulnerability and multiple Local File Include vulnerabilities. The vulnerable scripts are themes/blog/layouts/standard.php, themes/default/layouts/standard.php, themes/portfolio/layouts/standard.php, themes/snazzy/layouts/standard.php and admin/lang/fr/reports/default.php.
Mitigation:
NONE