4 matches found
CVE-2020-13795
An issue was discovered in Navigate CMS through 2.8.7. It allows Directory Traversal because lib/packages/templates/template.class.php mishandles ../ and ..\ substrings...
Navigate CMS 2.8.7 Directory Traversal
Exploit Title: Navigate CMS 2.8.7 - Authenticated Directory Traversal Date: 2020-06-04 Exploit Author: Gus Ralph Vendor Homepage: https://www.navigatecms.com/en/home Software Link: https://sourceforge.net/projects/navigatecms/files/releases/navigate-2.8.7r1401.zip/download Version: 2.8.7 Tested o...
Navigate CMS 2.8.7 - Authenticated Directory Traversal
Exploit Title: Navigate CMS 2.8.7 - Authenticated Directory Traversal Date: 2020-06-04 Exploit Author: Gus Ralph Vendor Homepage: https://www.navigatecms.com/en/home Software Link: https://sourceforge.net/projects/navigatecms/files/releases/navigate-2.8.7r1401.zip/download Version: 2.8.7 Tested o...
CVE-2020-13795
Navigate CMS 2.8.7 and earlier versions are affected by a directory traversal vulnerability in lib/packages/templates/template.class.php that mishandles ../ and ..\ substrings, enabling access to locations outside the restricted directory. The issue is described across multiple sources (NVD, Red ...