1 results (0.003 seconds)

CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 2

Directory traversal vulnerability in post.php in SiteXS CMS 0.1.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the type parameter. Vulnerabilidad de salto de directorio en post.php en SiteXS CMS v0.1.1 y anteriores permite a atacantes remotos incluir y ejecutar ficheros de su elección mediante un .. (punto punto) en el parámetro type. • https://www.exploit-db.com/exploits/7879 http://www.securityfocus.com/bid/33457 http://www.vupen.com/english/advisories/2009/0247 https://exchange.xforce.ibmcloud.com/vulnerabilities/48236 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •