CMS Lokomedia 'downlot.php' Arbitrary File Download Vulnerability Network Vulnerability

Summary

CMS Lokomedia is prone to a vulnerability that lets attackers download arbitrary files. This issue occurs because the application fails to sufficiently sanitize user-supplied input. Exploiting this issue will allow an attacker to view arbitrary files within the context of the application. Information harvested may aid in launching further attacks.

References

http://bukulokomedia.com/home
https://www.securityfocus.com/bid/46915

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Aardvark Topsites <= 4.2.2 Remote File Inclusion Vulnerability
A4Desk Event Calendar 'eventid' Parameter SQL Injection Vulnerability
Apache Archiva Multiple Vulnerabilities
AMSI 'file' Parameter Directory Traversal Vulnerability
Aardvark Topsites PHP 'index.php' Multiple Cross Site Scripting Vulnerabilities

Take action and discover your vulnerabilities