Security fix for DBHcms 1.1.4
Detected remote file inclusion exploit
It has been detected a vulnerability in DBHcms, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
Input passed to the "extmanager_install" parameter in dbhcms/mod/mod.extmanager.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local or external resources.
The vulnerability is confirmed in version 1.1.4.
To fix this security leak, download the security-fix-001 and replace the file mod.extmanager.php in the folder dbhcms/mod/.