The provided code describes a directory traversal vulnerability in ReCMS, where insufficient input sanitization allows attackers to access sensitive files. The example URL demonstrates the vulnerability by manipulating the 'users_lang' parameter.
Classification
Writeup 80%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Theoretical
Target:ReCMS (version unspecified)
No auth needed
Prerequisites:Access to the vulnerable ReCMS instance