CMS Made Simple < 1.8.1 Local File Include Vulnerability

High Nessus Network Monitor Plugin ID 5598

Synopsis

The remote web server is running a PHP application that is affected by a local file include vulnerability.

Description

The remote host is running CMS Made Simple, a web-based content-management application written in PHP.

Versions of CMS Made Simple earlier than 1.8.1 are potentially affected by a local file include vulnerability because the application fails to properly sanitize user supplied input to the 'default_lang' parameter of the 'translation.functions.php' script. A remote, authenticated attacker, exploiting this flaw could execute arbitrary code subject to the privileges of the user running the affected web server.

Solution

Upgrade to CMS Made Simple 1.8.1 or later.

See Also

http://www.cmsmadesimple.org/2010/07/3/announcing-cms-made-simple-1-8-1-mankara

http://downloads.securityfocus.com/vulnerabilities/exploits/41565.py

Plugin Details

Severity: High

ID: 5598

Family: CGI

Published: 2010/07/14

Modified: 2016/01/25

Dependencies: 1442

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.5

Temporal Score: 7.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:U/RC:ND

CVSSv3

Base Score: 6.3

Temporal Score: 6.2

Vector: CVSS3#AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:F/RL:U/RC:X

Vulnerability Information

CPE: cpe:/a:cmsmadesimple:cms_made_simple

Patch Publication Date: 2010/07/13

Vulnerability Publication Date: 2010/07/11

Reference Information

BID: 41565