exploitDog

GHSA-6m6f-qg2x-g8vj

Опубликовано: 02 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Directory traversal vulnerability in locms/smarty.php in LightOpenCMS 0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cwd parameter. NOTE: remote file inclusion attacks may be possible.

Directory traversal vulnerability in locms/smarty.php in LightOpenCMS 0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cwd parameter. NOTE: remote file inclusion attacks may be possible.

Ссылки

EPSS

Процентиль: 84%

0.0212

Низкий

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2009-2223

nvd

больше 16 лет назад

Directory traversal vulnerability in locms/smarty.php in LightOpenCMS 0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cwd parameter. NOTE: remote file inclusion attacks may be possible.

EPSS

Процентиль: 84%

0.0212

Низкий

CVE ID

Дефекты

CWE-22