Directory traversal

2009-10-0114:30:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

77.7%

JSON

Multiple directory traversal vulnerabilities in MUJE CMS 1.0.4.34 allow remote attackers to include and execute arbitrary local files via a … (dot dot) in the (1) _class parameter to admin.php and the (2) url parameter to install/install.php; and allow remote authenticated administrators to read arbitrary files via a … (dot dot) in the (3) _htmlfile parameter to admin.php.

CPENameOperatorVersion
mujecmseq1.0.4.34

CPE	Name	Operator	Version
	mujecms	eq	1.0.4.34

References

secunia.com/advisories/36079

www.exploit-db.com/exploits/9314