Published: 12/01/2013 Updated: 23/01/2013

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Directory traversal vulnerability in download.lib.php in Pragyan CMS 3.0 and previous versions allows remote malicious users to read arbitrary files via a .. (dot dot) in the fileget parameter in a profile action to index.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
pragyan cms project pragyan cms 2.6.3
pragyan cms project pragyan cms 2.6.1
pragyan cms project pragyan cms
pragyan cms project pragyan cms 2.6.4
pragyan cms project pragyan cms 2.5.13
pragyan cms project pragyan cms 2.5.12
pragyan cms project pragyan cms 2.5.9
pragyan cms project pragyan cms 2.5.4
pragyan cms project pragyan cms 2.6.2
pragyan cms project pragyan cms 2.5.14

Title Pragyan CMS v 30 => [Remote File Disclosure] Author Or4nGM4n Download spacedlsourceforgenet/project/pragyan/pragyan/30/PragyanCMS-v30-betatarbz2 vuln downloadlibphp line 16 vuln indexphp line 234 $_GET['fileget'] exploit localhost/Pragyan/?page=/&action=profile&fileget=/////// ...

CWE-22 http://www.osvdb.org/82585 http://www.securityfocus.com/bid/51360 http://www.exploit-db.com/exploits/18347 https://nvd.nist.gov https://www.exploit-db.com/exploits/18347/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-6500

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect