CVE-2008-5593

Description

Multiple directory traversal vulnerabilities in index.php in Mini CMS 1.0.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) page and (2) admin parameters.

Affected products

• bpowerhouse / mini_cms1.0.1 – 1.0.1

References

• EXPLOIThttps://www.exploit-db.com/exploits/7375
• MISChttp://securityreason.com/securityalert/4750
• MISChttp://www.securityfocus.com/bid/32680
• VENDOR_ADVISORYhttp://secunia.com/advisories/33024