← back
CVE-2008-3926

CVE-2008-3926

EPSS 2.3%
Multiple directory traversal vulnerabilities in Content Management Made Easy (CMME) 1.12 allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the env parameter in a weblog action to index.php, or (2) create arbitrary directories via a .. (dot dot) in the env parameter in a login action to admin.php.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/6313unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/31599http://securityreason.com/securityalert/4220https://exchange.xforce.ibmcloud.com/vulnerabilities/44683https://exchange.xforce.ibmcloud.com/vulnerabilities/44687https://www.exploit-db.com/exploits/6313http://www.securityfocus.com/bid/30854