Zurück zur CVE-Übersicht
CVE-2009-2176
HIGH(7.5)AV:N/AC:L/Au:N/C:P/I:P/A:P
Risk Signal Score21/100 — NIEDRIG
- CVSS 7.5 — Hoch
EPSS-Score
7%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
7.5
Technische Schwere
Beschreibung
Multiple directory traversal vulnerabilities in fuzzylime (cms) 3.03a and earlier, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) list parameter to code/confirm.php and the (2) template parameter to code/display.php.
Referenzen
- http://osvdb.org/55182
- http://osvdb.org/55183
- http://secunia.com/advisories/35489
- http://www.securityfocus.com/bid/35418
- https://exchange.xforce.ibmcloud.com/vulnerabilities/51205
- https://www.exploit-db.com/exploits/8978
- http://osvdb.org/55182
- http://osvdb.org/55183
- http://secunia.com/advisories/35489
- http://www.securityfocus.com/bid/35418