CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-3825

Multiple directory traversal vulnerabilities in GenCMS 2006 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) p parameter to show.php and the (2) Template parameter to admin/pages/SiteNew.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 74.8%

CVSS Severity

CVSS v2 Score 7.5

References

http://www.exploit-db.com/exploits/9103
https://exchange.xforce.ibmcloud.com/vulnerabilities/51653
http://www.exploit-db.com/exploits/9103
https://exchange.xforce.ibmcloud.com/vulnerabilities/51653

Products affected by CVE-2009-3825

Thomas Graber » Gencms » Version: 2006

cpe:2.3:a:thomas_graber:gencms:2006

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-3825

Products

Pricing

Contact Us