Directory traversal

2009-07-0815:30:00

PRIOn knowledge base

www.prio-n.com

7.6 High

AI Score

Confidence

Low

0.229 Low

EPSS

Percentile

96.6%

JSON

Directory traversal vulnerability in public/index.php in BIGACE Web CMS 2.6 allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the cmd parameter.

CPENameOperatorVersion
bigace_cmseq2.6

CPE	Name	Operator	Version
	bigace_cms	eq	2.6

References

forum.bigace.de/announcements/security-patch-for-bigace-2-6

osvdb.org/55510

secunia.com/advisories/35643

securitytracker.com/id?1022489

www.bigace.de/Security-patch-for-BIGACE-2.6-released.html

www.securityfocus.com/bid/35537

exchange.xforce.ibmcloud.com/vulnerabilities/51444

www.exploit-db.com/exploits/9052