CVE Daily

CVE-2009-4231

Directory traversal vulnerability in as/lib/plugins.php in SweetRice 0.5.3 and e...

High CVSS 7.5

Overview

Directory traversal vulnerability in as/lib/plugins.php in SweetRice 0.5.3 and earlier allows remote attackers to include and execute arbitrary local files via .. (dot dot) in the plugin parameter.

CWE: CWE-22 Published: 2009-12-08T19:30:00.280
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 7.5 (HIGH)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags