Security Advisory

CVE-2008-3926

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2008-09-04 18:00:00

Last updated 2024-08-07 10:00:41

Assigner mitre

State PUBLISHED

Description

Multiple directory traversal vulnerabilities in Content Management Made Easy (CMME) 1.12 allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the env parameter in a weblog action to index.php, or (2) create arbitrary directories via a .. (dot dot) in the env parameter in a login action to admin.php.

← Browse all CVEs View on cve.org ↗