Multiple directory traversal vulnerabilities in fuzzylime (cms) 3.03a and earlier, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) list parameter to code/confirm.php and the (2) template parameter to code/display.php.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2009-06-23T21:21:00
Updated: 2024-08-07T05:44:55.611Z
Reserved: 2009-06-23T00:00:00
Link: CVE-2009-2176
Vulnrichment
No data.
NVD
Status : Modified
Published: 2009-06-23T21:30:00.360
Modified: 2017-09-29T01:34:45.747
Link: CVE-2009-2176
Redhat
No data.