Description

CMS Made Simple 0.10 Remote File Inclusion (admin/lang.php)

Remediation

Update to CMS Made Simple 0.11 or later.

References

http://www.securityfocus.com/archive/1/409654

http://www.securityfocus.com/bid/14709/info

http://www.cvedetails.com/cve/CVE-2005-2846/

Related Vulnerabilities

Simple Fields Local File Inclusion (0.3.5)

WP Rocket Local File Inclusion (2.10.3)

Mailing List 'wpabspath' Parameter Remote File Include (1.3.3)

Gwolle Guestbook Remote File Inclusion (1.5.3)

Landing Page Builder-Lead Page-Optin Page-Squeeze Page-WordPress Landing Pages Local File Inclusion (1.4.3)

Severity

High

Classification

CVE-2005-2846 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L

Tags

File Inclusion