Stefan Hesselman

**Name of the Vulnerable Software and Affected Versions** CuteEditor for PHP (now referred to as Rich Text Editor) version 6.6 **Description** The software contains a directory traversal issue in the browse template feature. This allows attackers to write files to arbitrary web root directories by exploiting the `ServerMapPath()` function. Attackers can rename uploaded HTML files using directory traversal sequences to write files outside the intended template directory. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.