3 matches found
CVE-2008-5642
Directory traversal vulnerability in admin/login.php in CMS Made Simple 1.4.1 allows remote attackers to read arbitrary files via a .. dot dot in a cmslanguage cookie...
CVE-2008-5642
CMS Made Simple 1.4.1 is affected by a directory traversal in admin/login.php, exploitable via a crafted cms_language cookie to read arbitrary server files. Root cause: improper validation of the cms_language cookie enabling path traversal. Exploitation details are not provided beyond the basic v...
CVE-2008-5642
Directory traversal vulnerability in admin/login.php in CMS Made Simple 1.4.1 allows remote attackers to read arbitrary files via a .. dot dot in a cmslanguage cookie...