CVE-2009-2552

Name of the Vulnerable Software and Affected Versions Super Simple Blog Script version 2.5.4

Description The issue concerns multiple directory traversal vulnerabilities in the comments.php file. Remote attackers can exploit these vulnerabilities to overwrite, include, and execute arbitrary local files by manipulating the entry parameter in the affected API endpoint.

Recommendations For Super Simple Blog Script version 2.5.4, consider restricting access to the comments.php file and the entry parameter to minimize the risk of exploitation. As a temporary workaround, avoid using the entry parameter in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.