Directory traversal

2006-04-2910:02:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

56.6%

JSON

Directory traversal vulnerability in index.php in Jupiter CMS 1.1.4 and 1.1.5 allows remote attackers to read arbitrary files via “…” sequences terminated by a %00 (null) character in the n parameter.

CPENameOperatorVersion
jupiter_cmseq1.1.4
jupiter_cmseq1.1.5

CPE	Name	Operator	Version
	jupiter_cms	eq	1.1.4
	jupiter_cms	eq	1.1.5

References

downloads.securityfocus.com/vulnerabilities/exploits/jupitercms-lteq1.1.5-local-file-include.txt

www.securityfocus.com/bid/17716