Directory Traversal Vulnerabilities in Page Engine CMS by Unknown Vendor
CVE-2009-0729

Currently unrated

Key Information:

Vendor

Lingx

Status
Page Engine Cms
Vendor
CVE Published:
24 February 2009

What is CVE-2009-0729?

Multiple directory traversal vulnerabilities in Page Engine CMS versions 2.0 Basic and Pro allow remote attackers to manipulate file inclusion mechanisms. By exploiting the fPrefix parameter, attackers can craft inputs that enable them to include and execute arbitrary local files within the CMS. This includes critical modules such as recent_poll_include.php, login_include.php, and statistics_include.php, as well as configuration files located in the includes directory. These vulnerabilities pose significant risks if left unaddressed, potentially allowing unauthorized access to sensitive server files.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://osvdb.org/52178
vdb-entryx_refsource_OSVDB
http://osvdb.org/52177
vdb-entryx_refsource_OSVDB
https://exchange.xforce.ibmcloud.com/vulnerabilities/48856
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.