7.3 High
AI Score
Confidence
Low
0.022 Low
EPSS
Percentile
89.7%
Directory traversal vulnerability in index.php in LokiCMS 0.3.4 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to check for the existence of arbitrary files via a … (dot dot) in the page parameter.
secunia.com/advisories/30472
www.securityfocus.com/bid/31730
www.vupen.com/english/advisories/2008/2798
exchange.xforce.ibmcloud.com/vulnerabilities/45822
www.exploit-db.com/exploits/6737