Description
Directory traversal vulnerability in common.php in CMScout 2.05, when .htaccess is not supported, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the bit parameter, as demonstrated by an upload to avatar/ of a .jpg file containing PHP sequences.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Khashayar Fereidani · textwebappsphp
https://www.exploit-db.com/exploits/6142
References (7)
Core 7
Core References
Exploit, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/31243
Various Sources x_refsource_confirm
http://www.cmscout.co.za/index.php?page=news&id=29
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/4093
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/44017
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/2218/references
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/30385
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/6142
Scores
EPSS
0.0750
EPSS Percentile
91.8%
Details
CWE
CWE-22
Status
published
Products (1)
cmscout/cmscout
2.05
Published
Jul 31, 2008
Tracked Since
Feb 18, 2026