Vulnerability Details CVE-2009-3507
Directory traversal vulnerability in modules.php in CMSphp 0.21 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the mod_file parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 76.7%
CVSS Severity
CVSS v2 Score 7.5
References
Products affected by CVE-2009-3507
-
cpe:2.3:a:jean-michel_wyttenbach:cmsphp:0.21