Path Traversal in Mozilo Mozilocms

CVE-2008-3589

Directory traversal vulnerability in download.php in moziloCMS 1.10.1, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the cat parameter.

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.024 (81.6th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References