n2cms 2.2.1 Path Disclosure

Affected software: n2cms Type of vulnerability:full path disclosure URL:n2cms.com Discovered by: provensec Website: provensec.com version: 2.2.1 Proof of concept http://demo.n2cms.com/N2/Files/FileSystem/File.aspx?selected=%2fupload%2f%22%3E%3Cimg%20src=d%20onerror=confirm1;%3E1.php%2f manipulati...