PT-2022-8857 · Unknown · Processwire Cms

Y1Ld1R1M

Published

2022-02-22

Updated

2022-03-02

CVE-2020-27467

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions Processwire CMS versions prior to 2.7.1

Description A Directory Traversal issue exists via the download parameter to "index.php".

Recommendations For versions prior to 2.7.1, update to version 2.7.1 or later to resolve the issue.

Exploit

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

CVE-2020-27467

Processwire Cms