PHP remote file inclusion vulnerability in lang.php in CMS Made Simple 0.10 and earlier allows remote attackers to execute arbitrary PHP code via the nls[file][vx][vxsfx] parameter.
Software | From | Fixed in |
---|---|---|
cmsmadesimple / cms_made_simple | 0.10 | 0.10.x |