Multiple directory traversal vulnerabilities in CMScout 2.06, when register_globals is enabled, allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the bit parameter to (1) admin.php and (2) index.php, different vectors than CVE-2008-3415.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cmscout cmscout 2.06 |