Vulnerability Details CVE-2009-1368
Directory traversal vulnerability in index.php in moziloCMS 1.11 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. NOTE: this might be the same issue as CVE-2008-6126.2, which may have been fixed in 1.10.3.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.018
EPSS Ranking 82.0%
CVSS Severity
CVSS v2 Score 7.5
References
- http://cms.mozilo.de/index.php?cat=10_moziloCMS&page=60_Changelog
- http://www.securityfocus.com/bid/34474
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49813
- https://www.exploit-db.com/exploits/8394
- http://cms.mozilo.de/index.php?cat=10_moziloCMS&page=60_Changelog
- http://www.securityfocus.com/bid/34474
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49813
- https://www.exploit-db.com/exploits/8394