Jump to content

Hire Hacker

Hire Hacker

Hire Hacker

Hire Hacker

Existing user? Sign In
Sign In

Email Address

Password

Remember me
Not recommended on shared computers

Forgot your password?
Sign Up

Sitemagic CMS - 'SMTpl' Directory Traversal

https://hacker.bz/t/entry/14824-sitemagic-cms-039smtpl039-directory-traversal/

source: https://www.securityfocus.com/bid/48399/info

Sitemagic CMS is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this vulnerability to obtain arbitrary local files in the context of the webserver process. 

http://www.example.com/smcmsdemoint/index.php?SMTpl=../../../../../../../../../../etc/passwd%00.png

https://hacker.bz/t/entry/14824-sitemagic-cms-039smtpl039-directory-traversal/