GrayCMS php code injection

Version: 1.1 Severity: High Vendor: http://gcms.graymur.net/ Vulnerable code is in "code/error.php": ----begin---- ... if !isset$page $page = ''; if !isset$pathprefix $pathprefix = '../'; if empty$main require $pathprefix.'code/main.dat'; if isset$e404 or isset$GET'e404' ... if isset$e403 or...

GrayCMS 1.1 - error.php Remote File Inclusion

GrayCMS 1.1 - error.php Remote File Inclusion source: https://www.securityfocus.com/bid/13381/info GrayCMS is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute...