CMSimple 3.1 - Local File Inclusion

By Anandhu K A
Published on 01 Oct 2021

Vulnerability

A directory traversal vulnerability in cmsimple/cms.php in CMSimple 3.1 allows remote attackers to include and execute arbitrary local files via a dot dot (..) sequence in the sl parameter to index.php when register_globals is enabled. This can be leveraged for remote file execution by including adm.php and then invoking the upload action.

Mitigation / Precaution

The vendor patched 3.1 without changing the version number, so the version string alone does not show whether an installation includes the fix.
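Because the version number does not distinguish patched from unpatched installs, reviewing web server logs for traversal sequences in the sl parameter is one way to check for exposure. The following is an added example, not code from CMSimple or from the original page: it scans constructed access-log lines and flags sl values that contain traversal characters after undoing repeated percent-encoding. The log format and the rule that a legitimate sl value is a two or three letter language code are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access-log lines (not real traffic).
SAMPLE_LOG = """\
192.0.2.10 - - [01/Oct/2021:10:00:01 +0000] "GET /index.php?sl=en HTTP/1.1" 200 5120
192.0.2.11 - - [01/Oct/2021:10:00:02 +0000] "GET /index.php?sl=../../example HTTP/1.1" 200 312
192.0.2.12 - - [01/Oct/2021:10:00:03 +0000] "GET /index.php?Welcome&sl=%2e%2e%2fexample HTTP/1.1" 200 312
192.0.2.13 - - [01/Oct/2021:10:00:04 +0000] "GET /index.php?sl=%252e%252e%255cexample HTTP/1.1" 404 0
192.0.2.14 - - [01/Oct/2021:10:00:05 +0000] "GET /index.php?search=.. HTTP/1.1" 200 5120
"""

REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3})')
# Assumption: a legitimate sl value is a short language code such as "en" or "de".
SAFE_SL = re.compile(r"^[A-Za-z]{2,3}$")

def fully_decode(value, max_rounds=3):
    """Undo repeated percent-encoding so %252e%252e is seen as '..'."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify_sl(value):
    """Return 'traversal', 'unexpected' or 'ok' for one sl value."""
    value = fully_decode(value)
    if any(token in value for token in ("..", "/", "\\")):
        return "traversal"
    return "ok" if SAFE_SL.match(value) else "unexpected"

def scan(log_text):
    """Return (client, status, sl value, verdict) for every sl value that is not ok."""
    findings = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, target, status = m.groups()
        for raw in parse_qs(urlsplit(target).query, keep_blank_values=True).get("sl", []):
            verdict = classify_sl(raw)  # parse_qs has already decoded raw once
            if verdict != "ok":
                findings.append((client, int(status), raw, verdict))
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

With register_globals enabled, sl can also arrive in a POST body or a cookie, which standard access logs do not record, so a clean result from this scan does not rule out attempts.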


Written by Anandhu K A, Lead Engineer