Posted by Jing Wang on Mar 16

*724CMS 5.01 Directory (Path) Traversal Security Vulnerabilities*

Exploit Title: 724CMS /section.php Module Parameter Directory Traversal
Security Vulnerabilities
Vendor: 724CMS
Product: 724CMS
Vulnerable Versions: 3.01 4.01 4.59 5.01
Tested Version: 5.01
Advisory Publication: March 14, 2015
Latest Update: March 14, 2015
Vulnerability Type: Improper Limitation of a Pathname to a Restricted
Directory (‘Path Traversal’) [CWE-22]…