CVE-2016-7135 in CMSinfo

Summary

Directory traversal vulnerability in Plone CMS 5.x through 5.0.6 and 4.2.x through 4.3.11 allows remote administrators to read arbitrary files via a .. (dot dot) in the path parameter in a getFile action to Plone/++theme++barceloneta/@@plone.resourceeditor.filemanager-actions.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Responsible

Reservation

09/05/2016

Disclosure

03/07/2017

Moderation

VulDB entry created

Entries

VDB-92698

CPE

ready

CWE

CWE-22 (Confirmed)

CVSS

5.6

EPSS

0.00700

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-7135
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-7135
CVE Details	https://www.cvedetails.com/cve/CVE-2016-7135/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!