CVE-2009-1768

2009-05-2218:00:00

mitre

www.cve.org

AI Score

6.7

Confidence

Low

EPSS

0.031

Percentile

91.1%

JSON

Directory traversal vulnerability in download.php in Rama Zaiten CMS 0.9.8 and earlier allows remote attackers to read arbitrary files via a … (dot dot) in the file parameter.

References

osvdb.org/54546

secunia.com/advisories/35116

www.securityfocus.com/bid/34995

www.vupen.com/english/advisories/2009/1343

exchange.xforce.ibmcloud.com/vulnerabilities/50572

www.exploit-db.com/exploits/8700