Directory traversal vulnerability in public/index.php in BIGACE Web CMS 2.6 allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the cmd parameter.
CPE | Name | Operator | Version |
---|---|---|---|
bigace_cms | eq | 2.6 |
forum.bigace.de/announcements/security-patch-for-bigace-2-6
osvdb.org/55510
secunia.com/advisories/35643
securitytracker.com/id?1022489
www.bigace.de/Security-patch-for-BIGACE-2.6-released.html
www.securityfocus.com/bid/35537
exchange.xforce.ibmcloud.com/vulnerabilities/51444
www.exploit-db.com/exploits/9052