header-logo
Suggest Exploit
vendor:
phpWCMS
by:
Not mentioned
7.5
CVSS
HIGH
Remote File Inclusion
Not mentioned
CWE
Product Name: phpWCMS
Affected Version From: All versions of phpWCMS
Affected Version To: Not mentioned
Patch Exists: No
Related CWE: Not mentioned
CPE: Not mentioned
Metasploit:
Other Scripts:
Platforms Tested: Not mentioned
Unknown

Multiple Remote File Include Vulnerabilities in phpWCMS

phpWCMS is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to obtain sensitive information that may help with further attacks on the affected computer.

Mitigation:

To mitigate these vulnerabilities, it is recommended to sanitize user-supplied input and implement proper input validation to prevent remote file inclusion attacks.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/15436/info

phpWCMS is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input.

An attacker may leverage these issues to obtain sensitive information that may help with further attacks on the affected computer. 

http://www.example.com/phpwcms/login.php?form_lang=../../../../../../../../etc/passwd%00

Navigation

Suggest Exploit

Services By CQR