CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Exero: >> Exero Cms Security Vulnerabilities

CVE-2008-1409

Multiple directory traversal vulnerabilities in the Default theme in Exero CMS 1.0.1 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the theme parameter to (1) index.php, (2) editpassword.php, and (3) avatar.php in usercp/; (4) custompage.php; (5) errors/404.php; (6) memberslist.php and (7) profile.php in members/; (8) index.php and (9) fullview.php in news/; and (10) nopermission.php.

CVSS Score

7.5

EPSS Score

0.021

Published

2008-03-20

Page 1

Vulnerabilities

Vulnerable Software

Exero: >> Exero Cms Security Vulnerabilities

Products

Pricing

Contact Us