Published: 17/04/2006 Updated: 05/09/2008

CVSS v2 Base Score: 7.6 | Impact Score: 10 | Exploitability Score: 4.9

VMScore: 765

Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Directory traversal vulnerability in runCMS 1.2 and previous versions allows remote malicious users to read arbitrary files via the bbPath[path] parameter to (1) class.forumposts.php and (2) forumpollrenderer.php. NOTE: this issue is closely related to CVE-2006-0659.

Vulnerable Product	Search on Vulmon	Subscribe to Product
runcms runcms 1.1
runcms runcms 1.1a
runcms runcms

<?php # ---runcms_13a_xplphp 1730 09/02/2006 # # # # RunCMS <= 12 arbitrary remote inclusion exploit # # " <= 13a shell upload through FCKEditor # # ...

NVD-CWE-Other http://www.securityfocus.com/archive/1/424708 http://retrogod.altervista.org/runcms_13a_xpl.html http://www.securityfocus.com/bid/16578 https://nvd.nist.gov https://www.exploit-db.com/exploits/1485/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-1793

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect