CVE-2010-1298

Name of the Vulnerable Software and Affected Versions Pulse CMS version 1.2.2

Description A directory traversal issue exists, allowing remote attackers to read arbitrary files. This is achieved by using directory traversal sequences in the f parameter of the view.php file.

Recommendations For Pulse CMS version 1.2.2, as a temporary workaround, consider restricting access to the view.php file until a patch is available. Avoid using the f parameter in the view.php file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.