Teozkr: Security Vulnerabilities
Directory traversal vulnerability in locms/smarty.php in LightOpenCMS 0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cwd parameter. NOTE: remote file inclusion attacks may be possible.
CVSS Score
9.3
EPSS Score
0.008
Published
2009-06-26
SQL injection vulnerability in index.php in LightOpenCMS 0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVSS Score
6.4
EPSS Score
0.003
Published
2009-05-22