HolaCMS 1.2.x - 'HTMLtags.php' Local File Inclusion

EDB-ID:

23027

CVE:

N/A




Platform:

PHP

Date:

2003-08-13


source: https://www.securityfocus.com/bid/8416/info

A file include vulnerability has been reported in the htmltags.php module of HolaCMS. This problem may allow an attacker to access potentially sensitive information reserved for adminstration. It has also been reported that some files included via exploitation may allow for information to be edited.

It is not known if this may also be exploited to include remote files. If this is the case, this issue could also lead to remote command execution.

http://www.example.com/path_of_hola/admin/cms/htmltags.php?datei=./sec/data.php