Rubedo CMS 3.4.0 Directory Traversal Vulnerability CVE-2018-16836 Scanner

Details
Stay Up To Date
Asset Type

DOMAIN,IP,URL

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

10

Rubedo CMS 3.4.0 Directory Traversal Vulnerability CVE-2018-16836 Scanner Detail

There is a directory traversal vulnerability in Rubedo CMS 3.4.0, which allow remote attackers to read arbitrary files.

Rubedo through 3.4.0 contains a Directory Traversal vulnerability in the theme component, allowing unauthenticated attackers to read and execute arbitrary files outside of the service root path, as demonstrated by a /theme/default/img/%2e%2e/..//etc/passwd URI.

Some Advice for Common Problems

You need update to latest version.

Community Discussions

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service