Re: TGS CMS Remote Code Execution Exploit



Hello BugtraQ, I tried to reproduce this advisory.
And found out that its impossible.
When you create a index.php file, executing admin.template_engine.php,
This index.php contains
   require_once("lib/template.class.php");
but this is wrong file path and executing index.php stop with error
Warning: require_once(./lib/template.class.php)
Fatal error: require_once().
Goood Luck.