JAF CMS 4.0.0 RC2 - 'website' / 'main_dir' Multiple Remote File Inclusions
source: https://www.securityfocus.com/bid/28476/info JAF CMS is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files containing malicious PHP code and...