CVE-2020-13795

2020-06-0322:15:11

Google

osv.dev

7.1 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

42.9%

JSON

An issue was discovered in Navigate CMS through 2.8.7. It allows Directory Traversal because lib/packages/templates/template.class.php mishandles …/ and …\ substrings.

CPENameOperatorVersion
navigate-cmseqlatest

CPE	Name	Operator	Version
	navigate-cms	eq	latest

References

packetstormsecurity.com/files/157940/Navigate-CMS-2.8.7-Directory-Traversal.html

github.com/NavigateCMS/Navigate-CMS/commit/88b41c7665ac7181be063b7a541dded7b207d9e7