Moderate

CVE-2007-6623 - Path Traversal vulnerability in Zeuscms 0.3

Publication: 2008-01-04

Summary

Absolute path traversal vulnerability in ZeusCMS 0.3 and earlier might allow remote attackers to list arbitrary directories via a full pathname in the dir parameter.

Classification

CWE-22: Path Traversal

Risk level (CVSS 5)

Moderate

5.0

Access Vector

Network
Adjacent Network
Local

Access Complexity

Low
Medium
High

Authentication

None
Single
Multiple

Confident. Impact

Complete
Partial
None

Integrity Impact

Complete
Partial
None

Affected Products

Zeuscms Zeuscms 0.3

References

http://www.securityfocus.com/bid/27058
https://www.exploit-db.com/exploits/4798