What is CVE-2013-0136?

CVE-2013-0136 is a vulnerability in Mutiny, classified under Path Traversal. Published 2013-06-01.

Is CVE-2013-0136 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Path Traversal in Mutiny

CVE-2013-0136

Multiple directory traversal vulnerabilities in the EditDocument servlet in the Frontend in Mutiny before 5.0-1.11 allow remote authenticated users to upload and execute arbitrary programs, read arbitrary files, or cause a denial of servic…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.721 (98.8th percentile) — read the EPSS interpretation.

Affected products

Mutiny — versions 5.0-1.00
Mutiny Mutiny_appliance
Mutiny Mutiny_virtual_appliance
N/a — versions n/a

Weakness classification (CWE)

CWE-22 — Path Traversal

Public proof-of-concept exploits

References

cret@cert.org (Exploit, x_refsource_MISC)
VU#701572 (x_refsource_CERT-VN, US Government Resource, third-party-advisory)

Frequently asked questions

What is CVE-2013-0136?: CVE-2013-0136 is a vulnerability in Mutiny, classified under Path Traversal. Published 2013-06-01.
Is CVE-2013-0136 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.