This host is installed with Fuzyylime(cms) which is prone to Remote Code Execution vulnerability.

Successful exploitation will allow attacker to include and execute arbitrary files from local and external resources, and can gain sensitive information about remote system directories when magic_quotes_gpc is disabled. Impact level: Application/System

Upgrade to fuzzylime 3.03b or later, For updates refer to http://cms.fuzzylime.co.uk/st/content/download

The flaws are due to, - The data passed into 'list' parameter in code/confirm.php and to the 'template' parameter in code/display.php is not properly verified before being used to include files. - Input passed to the 's' parameter in code/display.php is not properly verified before being used to write to a file.

Fuzyylime(cms) version 3.03a and prior.

• http://xforce.iss.net/xforce/xfdb/51205

---

Updated on 2017-03-28