5 matches found
CVE-2020-35598
ACS Advanced Comment System 1.0 is affected by Directory Traversal via an advancedcomponentsystem/index.php?ACSpath=..%2f URI. NOTE: this might be the same as CVE-2009-4623...
Advanced Comment System 1.0 - 'ACS_path' Path Traversal
Exploit Title: Advanced Comment System 1.0 - 'ACSpath' Path Traversal Date: Fri, 11 Dec 2020 Exploit Author: Francisco Javier Santiago Vázquez aka "n0ipr0cs" Vendor Homepage: Advanced Comment System - ACS Version: v1.0 CVE: CVE-2020-35598...
CVE-2020-35598
ACS Advanced Comment System 1.0 is affected by Directory Traversal via an advancedcomponentsystem/index.php?ACSpath=..%2f URI. NOTE: this might be the same as CVE-2009-4623...
CVE-2020-35598
ACS Advanced Comment System 1.0 is affected by Local File Inclusion/Directory Traversal via advanced_component_system/index.php?ACS_path=..%2f. The Nuclei template and Exploit-DB entry confirm path traversal can lead to viewing sensitive files (e.g., /etc/passwd) and indicate potential remote cod...
CVE-2009-4623
CVE-2020-35598 (Advanced Comment System 1.0) is affected by Local File Inclusion via advanced_component_system/index.php?ACS_path=..%2f. Exploitation can lead to unauthorized file access and, per the Nuclei entry, may enable remote code execution and full system compromise. CVE-2009-4623 is relat...