Description
Multiple directory traversal vulnerabilities in AJA Portal 1.2 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the currentlang parameter to admin/case.php in the (1) Contact_Plus and (2) Reviews modules, and (3) the module_name parameter to admin/includes/FANCYNLOptions.php in the Fancy_NewsLetter module.
Analysis and contextual insights are available on OpenCVE Cloud.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2009-0461 | Multiple directory traversal vulnerabilities in AJA Portal 1.2 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the currentlang parameter to admin/case.php in the (1) Contact_Plus and (2) Reviews modules, and (3) the module_name parameter to admin/includes/FANCYNLOptions.php in the Fancy_NewsLetter module. |
References
History
No history.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-07T04:31:26.391Z
Reserved: 2009-02-05T00:00:00.000Z
Link: CVE-2009-0457
No data.
Status : Modified
Published: 2009-02-10T07:00:23.967
Modified: 2026-06-16T23:05:05.093
Link: CVE-2009-0457
No data.
OpenCVE Enrichment
No data.
Weaknesses
EUVD