phpwcms 1.2.5 -DEV login.php form_lang Parameter Traversal Arbitrary File Access

No description provided by source. source: http://www.securityfocus.com/bid/15436/info phpWCMS is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to obtain sensitive information tha...

CVE-2005-3789

Multiple directory traversal vulnerabilities in phpwcms 1.2.5 allow remote attackers to read arbitrary files via a .. dot dot in the 1 formlang parameter in login.php and 2 the imgdir parameter in randomimage.php...