CVE-2009-3181

Publication date

2009-09-11 20:00:00

Family

mitre

State

PUBLISHED

Description

Directory traversal vulnerability in Anantasoft Gazelle CMS 1.0 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the customizetemplate parameter in a direct request to admin/settemplate.php.