Neutrino-cms : Security Vulnerabilities, CVEs,
Directory traversal vulnerability in index.php in Neutrino Atomic Edition 0.8.4 allows remote attackers to read and modify files, as demonstrated by manipulating data/sess.php in (1) usb and (2) del_pag actions. NOTE: this can be leveraged for code execution by performing an upload that bypasses the intended access restrictions that were implemented in sess.php.
Max CVSS
10.0
EPSS Score
7.02%
Published
2008-07-11
Updated
2017-09-29
1 vulnerabilities found