Fuzzylime Cms@3.03a Security Vulnerabilities and Issues — Fuzzylime Cms@3.03a CVE List

Lucene search

FuzzylimeFuzzylime Cms3.03a

2 matches found

CVE•added 2009/06/23 9:30 p.m.•38 views

CVE-2009-2177

code/display.php in fuzzylime (cms) 3.03a and earlier, when magic_quotes_gpc is disabled, allows remote attackers to conduct directory traversal attacks and overwrite arbitrary files via a "....//" (dot dot) in the s parameter, which is collapsed into a "../" value.

6.8CVSS7AI score0.01803EPSS

CVE•added 2009/06/23 9:30 p.m.•36 views

CVE-2009-2176

Multiple directory traversal vulnerabilities in fuzzylime (cms) 3.03a and earlier, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) list parameter to code/confirm.php and the (2) template parameter to...

7.5CVSS7.5AI score0.04293EPSS