SLAB500 is a complete, dynamic, modular web-system designed to your specifications, allowing you to quickly and conveniently update all your content, add new pages, upload images, sounds and video from any browser, via our front-end interface from any location that you have web access.
-- taken from their website http://www.slab5000.com --
I discovered 2 bugs, one known as "path disclosure" and an Arbitrary File Read Vulnerability, in the SLAB5000 Content Management System that allow a malicious attacker to read sensitive information about the system.
Due to improper sanity checks in the variable $page:
Warning: main(/usr/www/users/username/slab500/common/../../../var/index.php): failed to open stream: No such file or directory in /usr/www/users/usernameb/slab500/folder/index.php on line 63
Also due to improper input sanity checks, just by adding the NULL byte at the end of the file:
Edit the source to perform input sanity checks as well.
Sorry if my English is bad :)
irc: #nt at Undernet
shoutz: warcold, KrOsS, HoOH, lsdx, jsz, and all the guyz from DO.
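
One way to implement the input checks recommended above, as an added example that is not part of the original advisory and is not SLAB500's own code. The function name resolve_page, the ".php" suffix and the page directory are assumptions; the traversal string is the one visible in the warning message.

```php
<?php
// Added example (hypothetical loader, not SLAB500's source).
ini_set('display_errors', '0');   // keep filesystem paths out of responses
ini_set('log_errors', '1');       // still record failures server-side

function resolve_page(string $page, string $baseDir): ?string
{
    // Reject NUL bytes: older PHP versions truncated paths at the first
    // NUL, discarding any suffix the script appends.
    if (strpos($page, "\0") !== false) {
        return null;
    }
    // Allow-list plain page names: no dots, slashes or backslashes.
    if (!preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $page)) {
        return null;
    }
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    // Canonicalise, then confirm the file is still under $baseDir
    // (catches symlinks that the name check cannot see).
    $path = realpath($base . DIRECTORY_SEPARATOR . $page . '.php');
    $prefix = $base . DIRECTORY_SEPARATOR;
    if ($path === false || strncmp($path, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $path;
}

// Constructed demo: temporary page directory holding one legitimate page.
$dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'pages_' . bin2hex(random_bytes(4));
mkdir($dir);
file_put_contents($dir . DIRECTORY_SEPARATOR . 'home.php', '<?php echo "home";');

// Constructed inputs: a valid name, the traversal from the warning above,
// a NUL-terminated name, and a page that does not exist.
foreach (['home', '../../../var/index', "home\0", 'missing'] as $input) {
    $result = resolve_page($input, $dir) === null ? 'rejected' : 'accepted';
    printf("%-26s %s\n", json_encode($input, JSON_UNESCAPED_SLASHES), $result);
}

unlink($dir . DIRECTORY_SEPARATOR . 'home.php');
rmdir($dir);
```

Only the first input is accepted; a caller would answer every rejected name with a generic "not found" page so that no include warning, and no server path, reaches the browser.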