CVE-2007-6584

Name of the Vulnerable Software and Affected Versions 1024 CMS versions 1.3.1 through 1.4.2 beta

Description The issue allows remote attackers to include and execute arbitrary local files via directory traversal vulnerabilities. This can be achieved by exploiting the lang parameter to /pages/print/default/ops/news.php, the theme dir parameter to /pages/download/default/ops/search.php, or the admin theme dir parameter to download.php, forum.php, or news.php in admin/ops/reports/ops/. The vulnerability is exploited using a .. (dot dot) in the respective parameters.

Recommendations For 1024 CMS versions 1.3.1 through 1.4.2 beta, as a temporary workaround, consider restricting access to the vulnerable parameters lang, theme dir, and admin theme dir until a patch is available. Avoid using the .. (dot dot) notation in these parameters to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.