header-logo
Suggest Exploit
vendor:
Rama Zeiten CMS
by:
SecurityFocus
7,5
CVSS
HIGH
Remote File Disclosure
22
CWE
Product Name: Rama Zeiten CMS
Affected Version From: 0.99
Affected Version To: 0.99
Patch Exists: YES
Related CWE: N/A
CPE: a:rama_zeiten:rama_zeiten_cms
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2012

Rama Zeiten CMS Remote File Disclosure Vulnerability

Rama Zeiten CMS is prone to a remote file-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view local files in the context of the web server process, which may aid in further attacks.

Mitigation:

Input should be validated and sanitized to prevent malicious input from being processed.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/54467/info

Rama Zeiten CMS is prone to a remote file-disclosure vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this vulnerability to view local files in the context of the web server process, which may aid in further attacks.

Rama Zeiten CMS 0.99 is vulnerable; other versions may also be affected.

http://www.example.com/ramazeiten/download.php?file=../../../../../etc/passwd

Navigation

Suggest Exploit

Services By CQR