Sonicrrr

**Name of the Vulnerable Software and Affected Versions** flusity CMS version 2.4 **Description** The issue allows a remote attacker to execute arbitrary code and obtain sensitive information via the download backup.php component. This is a Directory Traversal vulnerability, which means an attacker can access files and directories that are not intended to be accessible, potentially leading to the execution of arbitrary code. **Recommendations** For flusity CMS version 2.4, consider disabling the download backup.php component until a patch is available to prevent exploitation. Restrict access to sensitive information and files to minimize the risk of unauthorized access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.