Vulnerability Details CVE-2011-0518
Directory traversal vulnerability in core/lib/router.php in LotusCMS Fraise 3.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via the system parameter to index.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.631
EPSS Ranking 98.3%
CVSS Severity
CVSS v2 Score 5.1
References
- http://osvdb.org/70409
- http://secunia.com/advisories/42835
- http://www.exploit-db.com/exploits/15964
- http://www.vupen.com/english/advisories/2011/0073
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64736
- http://osvdb.org/70409
- http://secunia.com/advisories/42835
- http://www.exploit-db.com/exploits/15964
- http://www.vupen.com/english/advisories/2011/0073
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64736