CVE

Id
46052  
CVE No.
CVE-2010-3468  
Status
Candidate  
Description
Directory traversal vulnerability in fileManager.cfc in Mura CMS 5.1 before 5.1.498 and 5.2 before 5.2.2809, and Sava CMS 5 through 5.2, allows remote attackers to read arbitrary files via a .. (dot dot) in the FILEID parameter to the default URI under tasks/render/file/.  
Phase
Assigned (20100920)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
500926 46052 CVE-2010-3468 EXPLOIT-DB:15120  View
500927 46052 CVE-2010-3468 URL:http://www.exploit-db.com/exploits/15120  View
500928 46052 CVE-2010-3468 MISC:http://www.stratsec.net/Research/Advisories/Blue-River-Mura-CMS-Directory-Traversal-%28SS-2010-0  View
500929 46052 CVE-2010-3468 CONFIRM:http://www.getmura.com/index.cfm/blog/critical-security-patch/  View
500930 46052 CVE-2010-3468 BID:43499  View
500931 46052 CVE-2010-3468 URL:http://www.securityfocus.com/bid/43499  View
500932 46052 CVE-2010-3468 SECUNIA:41591  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
37349 JVNDB-2010-003134 IBM FileNet P8AE の Workplace コンポーネントにおけるクロスサイトスクリプティングの脆弱性 IBM FileNet P8 Application Engine (P8AE) には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2010-3472 46052 4.3 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-003134.html  View