Description CMS Made Simple 0.10 Remote File Inclusion (admin/lang.php) Remediation Update to CMS Made Simple 0.11 or later. References http://www.securityfocus.com/archive/1/409654 http://www.securityfocus.com/bid/14709/info http://www.cvedetails.com/cve/CVE-2005-2846/ Related Vulnerabilities Simple Fields Local File Inclusion (0.3.5) WP Rocket Local File Inclusion (2.10.3) Mailing List 'wpabspath' Parameter Remote File Include (1.3.3) Gwolle Guestbook Remote File Inclusion (1.5.3) Landing Page Builder-Lead Page-Optin Page-Squeeze Page-WordPress Landing Pages Local File Inclusion (1.4.3) Severity High Classification CVE-2005-2846 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L Tags File Inclusion