Vulnerability Details CVE-2011-3837
Directory traversal vulnerability in blog_system/data_functions.php in Wuzly 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the preview parameter to index.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.6%
CVSS Severity
CVSS v2 Score 6.8
References
- http://osvdb.org/77912
- http://secunia.com/advisories/46163
- http://secunia.com/secunia_research/2011-87/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71903
- http://osvdb.org/77912
- http://secunia.com/advisories/46163
- http://secunia.com/secunia_research/2011-87/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71903