Описание
Directory traversal vulnerability in load_language.php in CMReams CMS 1.3.1.1 Beta 2, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page_language parameter.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:cmreams:cmreams_cms:1.3.1.1:beta_2:*:*:*:*:*:*
EPSS
Процентиль: 87%
0.03295
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
github
почти 4 года назад
Directory traversal vulnerability in load_language.php in CMReams CMS 1.3.1.1 Beta 2, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page_language parameter.
EPSS
Процентиль: 87%
0.03295
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-22