CVE-2007-2009

PHP remote file inclusion vulnerability in index.php in SimpCMS Light 04.10.2007 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the site parameter...

CVE-2007-2009

CVE-2007-2009 affects SimpCMS Light 04.10.2007 and earlier; PHP remote file inclusion in index.php allows remote attackers to execute arbitrary PHP code via a URL supplied in the site parameter. The CVSS base score is 6.8 (Medium). References indicate public exploit activity; remediation details ...

CVE-2007-2009

PHP remote file inclusion vulnerability in index.php in SimpCMS Light 04.10.2007 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the site parameter...

simpcmslight-rfi.txt

Bug Found By Dr.RoVeR --Arab48 Hacker Contact: [email protected] --- Script: SimpCMS Light Download: http://www.simpcms.com/light/normal/simp-cms-light.zip -- Bug File: index.php Bug code in line 31: include $site.".php"; -- Exploit: http://site.com/path/index.php?site=EvilScript --...

SimpCMS 04.10.2007 - site Remote File Inclusion

SimpCMS 04.10.2007 - site Remote File Inclusion Bug Found By Dr.RoVeR --Arab48 Hacker Contact: [email protected] --- Script: SimpCMS Light Download: http://www.simpcms.com/light/normal/simp-cms-light.zip -- Bug File: index.php Bug code in line 31: include $site.".php"; -- Exploit:...