Pulse CMS login.php Arbitrary File Writing Vulnerability
The original article can be found at: http://secunia.com/secunia_research/2010-45/
* Pulse CMS basic version 1.2.2
* Pulse CMS basic version 1.2.3
An error within includes/login.php in the handling of failed login attempts can be exploited to store content in an arbitrary file within the web root. This allows, for example, execution of arbitrary PHP code via a specially crafted request.
Successful exploitation requires that ‘register_globals’ is enabled.
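A defender-side check for the precondition above, as an added example that is not part of the original advisory: it reads php.ini text and Apache `php_flag`/`php_value` lines and reports whether `register_globals` ends up enabled. The sample inputs are constructed, the function names are this example's own, and per-directory `[PATH=...]` ini sections are not handled.

```python
import re

# Strings PHP's boolean ini parsing treats as "on" (case-insensitive).
INI_TRUE = {"1", "on", "yes", "true"}
# Apache's php_flag / php_admin_flag only honour "on" and "1".
FLAG_TRUE = {"1", "on"}
INI_LINE = re.compile(r"^\s*register_globals\s*=\s*([^;]*)", re.I)
APACHE_LINE = re.compile(
    r"^\s*php_(?:admin_)?(flag|value)\s+register_globals\s+(\S+)", re.I)

# Constructed sample inputs (not taken from any real installation).
SAMPLE_INI = "[PHP]\n; register_globals = On\nregister_globals = Off\n"
SAMPLE_HTACCESS = "# legacy override\nphp_flag register_globals On\n"

def _clean(raw):
    """Normalise a directive value: trim, unquote, lowercase."""
    return raw.strip().strip("\"'").lower()

def ini_setting(text):
    """Last uncommented php.ini value as a bool, or None if never set."""
    state = None
    for line in text.splitlines():
        m = INI_LINE.match(line)  # lines starting with ';' do not match
        if m:
            state = _clean(m.group(1)) in INI_TRUE
    return state

def apache_setting(text):
    """Last php_flag/php_value register_globals value, or None if absent."""
    state = None
    for line in text.splitlines():
        m = APACHE_LINE.match(line)
        if m:
            allowed = FLAG_TRUE if m.group(1).lower() == "flag" else INI_TRUE
            state = _clean(m.group(2)) in allowed
    return state

def register_globals_enabled(ini_text, htaccess_text=""):
    """Apache per-directory directives override php.ini; unset means Off."""
    for state in (apache_setting(htaccess_text), ini_setting(ini_text)):
        if state is not None:
            return state
    return False  # default is Off since PHP 4.2.0

if __name__ == "__main__":
    print("php.ini only:  ", register_globals_enabled(SAMPLE_INI))
    print("with .htaccess:", register_globals_enabled(SAMPLE_INI, SAMPLE_HTACCESS))
```
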
19/03/2010 – Vendor notified.
19/03/2010 – Vendor response.
24/03/2010 – Public disclosure.