CVE-2009-1368 Information

Description

Directory traversal vulnerability in index.php in moziloCMS 1.11 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. NOTE: this might be the same issue as CVE-2008-6126.2 which may have been fixed in 1.10.3.

Reference

http://cms.mozilo.de/index.php?cat=10_moziloCMS&page=60_Changelog http://www.securityfocus.com/bid/34474 https://exchange.xforce.ibmcloud.com/vulnerabilities/49813 https://www.exploit-db.com/exploits/8394