13 matches found
Rubedo CMS <=3.4.0 - Directory Traversal
Rubedo CMS through 3.4.0 contains a directory traversal vulnerability in the theme component, allowing unauthenticated attackers to read and execute arbitrary files outside of the service root path, as demonstrated by a /theme/default/img/%2e%2e/..//etc/passwd URI. id: CVE-2018-16836 info: name:...
VulnCheck KEV: CVE-2018-16836
Rubedo through 3.4.0 contains a Directory Traversal vulnerability in the theme component, allowing unauthenticated attackers to read and execute arbitrary files outside of the service root path, as demonstrated by a /theme/default/img/%2e%2e/..//etc/passwd URI...
Rubedo Directory Traversal Vulnerability
Rubedo is a content management system. theme is one of the theme components. A path traversal vulnerability exists in the theme component in Rubedo 3.4.0 and earlier. An attacker can use this vulnerability to read and execute arbitrary files outside of the root directory of the service...
Rubedo CMS 3.4.0 - Directory Traversal Vulnerability
Exploit for linux platform in category web applications Exploit Title: Rubedo CMS 3.4.0 - Directory Traversal Google Dork: intext:rubedo.current.page.description Exploit Author: Marouene Boubakri Vendor Homepage: https://www.rubedo-project.org Version: through 3.4.0 Tested on: Linux CVE :...
Rubedo CMS 3.4.0 Directory Traversal
Exploit Title: Rubedo CMS 3.4.0 - Directory Traversal Google Dork: intext:rubedo.current.page.description Date: 2018-09-11 Exploit Author: Marouene Boubakri Vendor Homepage: https://www.rubedo-project.org Version: through 3.4.0 Tested on: Linux CVE : CVE-2018-16836 PoC: Read /etc/passwd file from...
Directory Traversal
webtales/rubedo is vulnerable to directory traversal attacks. The vulnerability exists due to the lack of sanitization of the file path in the theme component, allowing directory traversal attacks...
Rubedo CMS 3.4.0 - Directory Traversal
Rubedo CMS 3.4.0 - Directory Traversal Exploit Title: Rubedo CMS 3.4.0 - Directory Traversal Google Dork: intext:rubedo.current.page.description Date: 2018-09-11 Exploit Author: Marouene Boubakri Vendor Homepage: https://www.rubedo-project.org Version: through 3.4.0 Tested on: Linux CVE :...
Rubedo CMS 3.4.0 - Directory Traversal
Exploit Title: Rubedo CMS 3.4.0 - Directory Traversal Google Dork: intext:rubedo.current.page.description Date: 2018-09-11 Exploit Author: Marouene Boubakri Vendor Homepage: https://www.rubedo-project.org Version: through 3.4.0 Tested on: Linux CVE : CVE-2018-16836 PoC: Read /etc/passwd file from...
CVE-2018-16836
Rubedo through 3.4.0 contains a Directory Traversal vulnerability in the theme component, allowing unauthenticated attackers to read and execute arbitrary files outside of the service root path, as demonstrated by a /theme/default/img/%2e%2e/..//etc/passwd URI...
CVE-2018-16836
Rubedo through 3.4.0 contains a Directory Traversal vulnerability in the theme component, allowing unauthenticated attackers to read and execute arbitrary files outside of the service root path, as demonstrated by a /theme/default/img/%2e%2e/..//etc/passwd URI...
Directory traversal
Rubedo through 3.4.0 contains a Directory Traversal vulnerability in the theme component, allowing unauthenticated attackers to read and execute arbitrary files outside of the service root path, as demonstrated by a /theme/default/img/%2e%2e/..//etc/passwd URI...
CVE-2018-16836
Rubedo CMS up to version 3.4.0 is affected by a Directory Traversal in the theme component, allowing unauthenticated attackers to read and execute arbitrary files outside the service root (demonstrated via /theme/default/img/..//etc/passwd). Connected advisories confirm the issue and present the ...
CVE-2018-16836
Rubedo through 3.4.0 contains a Directory Traversal vulnerability in the theme component, allowing unauthenticated attackers to read and execute arbitrary files outside of the service root path, as demonstrated by a /theme/default/img/%2e%2e/..//etc/passwd URI...