eoCMS: Local File Inclusion (LFI) Vulnerability

Users of eoCMS please be advised of a Local File Inclusion vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

HTB22676: LFI in eoCMS
Product: eoCMS
Vulnerability Type: Local File Inclusion
Vulnerability Details:
The vulnerability exists due to failure in the “/index.php” script to properly sanitize user-supplied input in theme
variable.Read more at http://www.criticalwatch.com
 

Advertisements