ID de Prueba:	1.3.6.1.4.1.25623.1.0.58313
Categoría:	CGI abuses
Título:	CMSimple Multiple Input Validation Vulnerabilities(2)
Resumen:	NOSUMMARY
Descripción:	Description: The remote version of CMSimple, according to its version number, is vulnerable to a file inclusion attack as well as the ability to inject arbitrary HTML code via the 'sender' parameter in the mailform feature. Versions prior to 2.8 are vulnerable. Solution : Upgrade to 2.8 or later. Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	BugTraq ID: 22250 Common Vulnerability Exposure (CVE) ID: CVE-2007-0610 http://www.securityfocus.com/bid/22250 http://osvdb.org/32976 http://secunia.com/advisories/23951 XForce ISS Database: cmsimple-sender-xss(31841) https://exchange.xforce.ibmcloud.com/vulnerabilities/31841 Common Vulnerability Exposure (CVE) ID: CVE-2007-0551 Bugtraq: 20070120 cmsimple 2.7 Remote File Include (Google Search) http://www.securityfocus.com/archive/1/457668/100/0/threaded http://osvdb.org/33572 http://securityreason.com/securityalert/2195 XForce ISS Database: cmsimple-cms-file-include(31658) https://exchange.xforce.ibmcloud.com/vulnerabilities/31658
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.