Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4878

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-4878
Last Modified 10 Sep 2012 12:00:00
Published 06 Sep 2012 05:55:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-4878

Summary

Absolute path traversal vulnerability in controlcenter.php in FlatnuX CMS 2011 08.09.2 allows remote administrators to read arbitrary files via a full pathname in the dir parameter in a contents/Files action.

Vulnerable Systems

Application

  • Flatnux 2011-08-09-2


References

XF - flatnux-controlcenter-directory-traversal(74568)

MISC - http://www.vulnerability-lab.com/get_content.php?id=487

BID - 52846

MISC - http://packetstormsecurity.org/files/111473/Flatnux-CMS-2011-08.09.2-CSRF-XSS-Directory-Traversal.html


Last Updated: 27 May 2016 11:00:30