Important security announcement

A place for security related announcements and discussions - please check this forum frequently!
Posts: 27
Joined: Wed May 28, 2008 11:55 am

Important security announcement

Post by harteg » Sun Jun 01, 2008 5:19 pm

There is a Local File Inclusion / Arbitrary File Upload bug in CMSimple, which is being exploited by hackers.

If your webhotel runs with register globals on (only a few does), you are strongly advised to update CMSimple to the download available at / (version 3.1 - in top of cms.php added "SECURITY BUG FIX JUNE 1.2008").

The bug fix is at line 70 in cms.php:
$pth['file']['language'] = $pth['folder']['language'].$sl.'.php';

basename function is to be added to $sl:

$pth['file']['language'] = $pth['folder']['language'].basename($sl).'.php';

On Linux/Apache you can sometimes turn off register_globals by uploading a .htaccess file in webroot with "php_flag register_globals off".