An issue was discovered in PublicCMS V4.0.20180210. There is a "Directory Traversal" and "Arbitrary file read" vulnerability via an admin/cmsTemplate/content.html?path=../ URI.
References
Link | Resource |
---|---|
https://github.com/sanluan/PublicCMS/issues/12 | Exploit Third Party Advisory |
Configurations
Information
Published : 2018-06-15 11:29
Updated : 2019-03-18 08:22
NVD link : CVE-2018-12494
Mitre link : CVE-2018-12494
JSON object : View
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Products Affected
publiccms
- publiccms