PT-2007-3657 · Julma · Julmacms
Gold_M · Published 2007-04-27 · Updated 2017-10-11
CVE-2007-2324
CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N
Name of the Vulnerable Software and Affected Versions
JulmaCMS version 1.4
Description
A directory traversal issue exists in the file.php component, allowing remote attackers to read arbitrary files by including a .. (dot dot) in the file parameter.
Recommendations
For JulmaCMS version 1.4, consider restricting access to the file.php component until a patch is available, or apply configuration changes to limit the impact of the directory traversal issue.
Affected Products
Julmacms