OTSCMS OTCMS.php Global Variables Remote File Inclusion

2006-10-23T04:18:55
ID OSVDB:30008
Type osvdb
Reporter OSVDB
Modified 2006-10-23T04:18:55

Description

Solution Description

Upgrade to version 2.1.4 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://otscms.com/ Secunia Advisory ID:22577 Secunia Advisory ID:22548 Mail List Post: http://attrition.org/pipermail/vim/2006-October/001096.html ISS X-Force ID: 29719 Generic Exploit URL: http://www.milw0rm.com/exploits/2622 CVE-2006-5547 CVE-2006-5546 CVE-2006-5548 Bugtraq ID: 20694