Fuzzylime Cms Security Vulnerabilities and Issues — Fuzzylime Cms CVE List

Lucene search

FuzzylimeFuzzylime Cms

2 matches found

CVE•added 2009/06/23 9:30 p.m.•38 views

CVE-2009-2177

code/display.php in fuzzylime (cms) 3.03a and earlier, when magic_quotes_gpc is disabled, allows remote attackers to conduct directory traversal attacks and overwrite arbitrary files via a "....//" (dot dot) in the s parameter, which is collapsed into a "../" value.

6.8CVSS7AI score0.01803EPSS

CVE•added 2008/07/14 11:41 p.m.•32 views

CVE-2008-3165

Directory traversal vulnerability in rss.php in fuzzylime (cms) 3.01a and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter, as demonstrated using content.php, a different vector than CVE-2007-4805.

6.8CVSS7AI score0.09764EPSS