CVE-2009-3508

by Fred · 01/10/2009

Multiple directory traversal vulnerabilities in MUJE CMS 1.0.4.34 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) _class parameter to admin.php and the (2) url parameter to install/install.php; and allow remote authenticated administrators to read arbitrary files via a .. (dot dot) in the (3) _htmlfile parameter to admin.php.

Date published : 2009-10-01

http://www.exploit-db.com/exploits/9314

http://secunia.com/advisories/36079

CVE-2009-3508

Similar

Recent Posts

Categories

CVE-2009-3508

Share this:

Similar

Recent Posts

Categories

Tags