Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4997

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2012-4997
Last Modified 21 Sep 2012 12:00:00
Published 19 Sep 2012 03:55:07
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-4997

Summary

Directory traversal vulnerability in acp/index.php in AneCMS allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter.

Vulnerable Systems

Application

  • Anecms -

  • Anecms 2e2c583


References

XF - anecms-index-local-file-include(73682)

BID - 52272

EXPLOIT-DB - 18559


Last Updated: 27 May 2016 11:00:46