CVE-2012-6064
low
CVSS v3
—
CVSS v2
3.5
VIR risk
3.5
Description
Directory traversal vulnerability in lib/filemanager/imagemanager/images.php in CMS Made Simple (CMSMS) before 1.11.2.1 allows remote authenticated administrators to delete arbitrary files via a .. (dot dot) in the deld parameter. NOTE: this can be leveraged using CSRF (CVE-2012-5450) to allow remote attackers to delete arbitrary files.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| cmsmadesimple | cms_made_simple | {"endIncluding":"1.11.2"} | |
| cmsmadesimple | cms_made_simple | 0.1 | |
| cmsmadesimple | cms_made_simple | 0.2 | |
| cmsmadesimple | cms_made_simple | 0.2.1 | |
| cmsmadesimple | cms_made_simple | 0.3 | |
| cmsmadesimple | cms_made_simple | 0.3.1 | |
| cmsmadesimple | cms_made_simple | 0.3.2 | |
| cmsmadesimple | cms_made_simple | 0.4 | |
| cmsmadesimple | cms_made_simple | 0.4.1 | |
| cmsmadesimple | cms_made_simple | 0.5 | |
| cmsmadesimple | cms_made_simple | 0.5.1 | |
| cmsmadesimple | cms_made_simple | 0.6 | |
| cmsmadesimple | cms_made_simple | 0.6.1 | |
| cmsmadesimple | cms_made_simple | 0.6.2 | |
| cmsmadesimple | cms_made_simple | 0.6.3 | |
| cmsmadesimple | cms_made_simple | 0.7 | |
| cmsmadesimple | cms_made_simple | 0.7.1 | |
| cmsmadesimple | cms_made_simple | 0.7.2 | |
| cmsmadesimple | cms_made_simple | 0.7.3 | |
| cmsmadesimple | cms_made_simple | 0.8 | |
| cmsmadesimple | cms_made_simple | 0.8.1 | |
| cmsmadesimple | cms_made_simple | 0.8.2 | |
| cmsmadesimple | cms_made_simple | 0.9 | |
| cmsmadesimple | cms_made_simple | 0.9.1 | |
| cmsmadesimple | cms_made_simple | 0.9.2 | |
| cmsmadesimple | cms_made_simple | 0.10 | |
| cmsmadesimple | cms_made_simple | 0.10.1 | |
| cmsmadesimple | cms_made_simple | 0.10.2 | |
| cmsmadesimple | cms_made_simple | 0.10.3 | |
| cmsmadesimple | cms_made_simple | 0.10.4 | |
| cmsmadesimple | cms_made_simple | 0.11 | |
| cmsmadesimple | cms_made_simple | 0.11.1 | |
| cmsmadesimple | cms_made_simple | 0.11.2 | |
| cmsmadesimple | cms_made_simple | 0.12 | |
| cmsmadesimple | cms_made_simple | 0.12.1 | |
| cmsmadesimple | cms_made_simple | 0.12.2 | |
| cmsmadesimple | cms_made_simple | 0.13 | |
| cmsmadesimple | cms_made_simple | 1.0 | |
| cmsmadesimple | cms_made_simple | 1.0.1 | |
| cmsmadesimple | cms_made_simple | 1.0.2 | |
| cmsmadesimple | cms_made_simple | 1.0.3 | |
| cmsmadesimple | cms_made_simple | 1.0.4 | |
| cmsmadesimple | cms_made_simple | 1.0.5 | |
| cmsmadesimple | cms_made_simple | 1.0.6 | |
| cmsmadesimple | cms_made_simple | 1.1 | |
| cmsmadesimple | cms_made_simple | 1.1.1 | |
| cmsmadesimple | cms_made_simple | 1.1.2 | |
| cmsmadesimple | cms_made_simple | 1.1.3 | |
| cmsmadesimple | cms_made_simple | 1.1.3.1 | |
| cmsmadesimple | cms_made_simple | 1.1.4 | |
| cmsmadesimple | cms_made_simple | 1.2 | |
| cmsmadesimple | cms_made_simple | 1.2.1 | |
| cmsmadesimple | cms_made_simple | 1.2.2 | |
| cmsmadesimple | cms_made_simple | 1.2.3 | |
| cmsmadesimple | cms_made_simple | 1.2.4 | |
| cmsmadesimple | cms_made_simple | 1.2.5 | |
| cmsmadesimple | cms_made_simple | 1.3 | |
| cmsmadesimple | cms_made_simple | 1.4 | |
| cmsmadesimple | cms_made_simple | 1.4.1 | |
| cmsmadesimple | cms_made_simple | 1.5 | |
| cmsmadesimple | cms_made_simple | 1.5.1 | |
| cmsmadesimple | cms_made_simple | 1.5.2 | |
| cmsmadesimple | cms_made_simple | 1.5.3 | |
| cmsmadesimple | cms_made_simple | 1.5.4 | |
| cmsmadesimple | cms_made_simple | 1.6 | |
| cmsmadesimple | cms_made_simple | 1.6.1 | |
| cmsmadesimple | cms_made_simple | 1.6.2 | |
| cmsmadesimple | cms_made_simple | 1.6.3 | |
| cmsmadesimple | cms_made_simple | 1.6.4 | |
| cmsmadesimple | cms_made_simple | 1.6.5 | |
| cmsmadesimple | cms_made_simple | 1.6.6 | |
| cmsmadesimple | cms_made_simple | 1.6.7 | |
| cmsmadesimple | cms_made_simple | 1.7 | |
| cmsmadesimple | cms_made_simple | 1.7.1 | |
| cmsmadesimple | cms_made_simple | 1.8 | |
| cmsmadesimple | cms_made_simple | 1.8.1 | |
| cmsmadesimple | cms_made_simple | 1.8.2 | |
| cmsmadesimple | cms_made_simple | 1.9 | |
| cmsmadesimple | cms_made_simple | 1.9.1 | |
| cmsmadesimple | cms_made_simple | 1.9.2 | |
| cmsmadesimple | cms_made_simple | 1.9.3 | |
| cmsmadesimple | cms_made_simple | 1.9.4 | |
| cmsmadesimple | cms_made_simple | 1.9.4.1 | |
| cmsmadesimple | cms_made_simple | 1.9.4.2 | |
References
- http://archives.neohapsis.com/archives/bugtraq/2012-11/0035.html
- http://forum.cmsmadesimple.org/viewtopic.php?f=1&t=63545
- http://packetstormsecurity.org/files/117951/CMS-Made-Simple-1.11.2-Cross-Site-Request-Forgery.html
- http://secunia.com/advisories/51185
- http://viewsvn.cmsmadesimple.org/diff.php?repname=cmsmadesimple&path=%2Ftrunk%2Flib%2Ffilemanager%2FImageManager%2FClasses%2FImageManager.php&rev=8400&peg=8498
- https://exchange.xforce.ibmcloud.com/vulnerabilities/79881
- https://www.htbridge.com/advisory/HTB23121
- http://archives.neohapsis.com/archives/bugtraq/2012-11/0035.html
- http://forum.cmsmadesimple.org/viewtopic.php?f=1&t=63545
- http://packetstormsecurity.org/files/117951/CMS-Made-Simple-1.11.2-Cross-Site-Request-Forgery.html
- http://secunia.com/advisories/51185
- http://viewsvn.cmsmadesimple.org/diff.php?repname=cmsmadesimple&path=%2Ftrunk%2Flib%2Ffilemanager%2FImageManager%2FClasses%2FImageManager.php&rev=8400&peg=8498
- https://exchange.xforce.ibmcloud.com/vulnerabilities/79881
- https://www.htbridge.com/advisory/HTB23121
CWEs
CWE-22
Verify integrity in audit chain (admin only). AS-IS.