CVE-2012-6064
Published Dec 3, 2012
Last updated 7 years ago
Overview
- Description
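- Directory traversal vulnerability in lib/filemanager/imagemanager/images.php in CMS Made Simple (CMSMS) before 1.11.2.1 allows remote authenticated administrators to delete arbitrary files via a .. (dot dot) in the deld parameter. NOTE: this can be leveraged using CSRF (CVE-2012-5450) to allow remote attackers to delete arbitrary files; in that chain the request is sent from a logged-in administrator's browser, so the administrator-only precondition (Au:S in the CVSS 2.0 vector below) does not by itself limit exposure. Releases from 1.11.2.1 onward are outside the affected range.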
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 3.5
- Impact score
- 2.9
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-22
Configurations
[ { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2BF75ED4-BC86-4EC5-A64E-38C7915F6561", "versionEndIncluding": "1.11.2" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE0143D1-03F2-497B-A24D-8C989C10EFBA" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B36B7B1-8A62-4A2D-A0E3-360DC56CE661" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F57C668-24A4-4E57-8737-71DD84356986" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BFDA54CA-3D5B-4D30-864B-B4227961FABD" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CA4D26A-0FA0-4998-B8EB-23BAE3C4B6A8" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CCFA77F1-B40F-4DC5-AD48-4EA403E691C6" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD39CD3A-0982-4BA3-A965-56BA06EDE972" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "262B4547-CAEB-44A0-AB42-8D51C06DC0B6" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7F4228D-8EEA-49B5-B3A2-2298477BB830" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1AB6A475-ADAC-4C31-9C27-C32E79E65A85" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41E3BC7F-E4CD-410F-90E9-BE3352846FE1" }, { "criteria": 
"cpe:2.3:a:cmsmadesimple:cms_made_simple:0.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE089F0E-CEAC-45C2-9F50-9DDDA77BA16C" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C39AFF8F-8D83-4E41-BFA6-0DB4C76AB2C8" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05DDCE27-5140-4D88-A9BF-9D77DF0D1B7F" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81464454-2834-4387-9093-679EC9F57A00" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "98904F65-B481-455F-BF9B-CDFF8B0964B2" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3DDCBA15-205B-4879-8B64-F3264FD097E5" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2056E4B7-2528-40A4-B28E-8E4FB3E6361F" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "02FEC8DD-413B-4669-BEBF-C62B9A79D70E" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "418CD161-9F55-4631-A08C-08A9CF05CEC0" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F38D4B6-A255-4AAC-8AFF-DAB97C1B558F" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "192B8763-CB7B-45AB-A5AD-1B9675CF8D06" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A313016-9EC8-4AE0-A880-D95A17BA990B" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": 
"8AB70F8F-F931-4AFC-8C5C-D1A56BDA63B6" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B87A7B4D-FB2C-4896-BF22-76F5D16A995E" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.10.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3690E06D-394E-44BC-9929-B17B2734D80A" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.10.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AAED3443-D64D-4FF6-851C-90A99F61CCC5" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.10.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D76634F-6DC4-49CD-8060-21F2ED17F652" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.10.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0FBFCAD-8850-4804-9B2A-566FDDE39685" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C94DE9A2-E9AA-43BC-8D1F-EFA97722C482" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.11.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0DCBA3A6-3776-470D-BFC7-E4836D2A586F" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.11.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C7F327F-CA20-47C1-BF99-AB4A439EAB07" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "04796760-3ED2-4B65-B571-6685916A8130" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.12.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B5C6034-A597-41A6-9F1A-F3DAB63DF31C" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.12.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FE3B4A8-9C8A-46D2-A8EB-49FD3533ED3D" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:0.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4AA57A0-804A-4008-A131-0DF259A5515F" }, { "criteria": 
"cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43F7E5BD-553E-4731-BED1-7E7DB772AD82" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4BF3B2C-1909-4CCF-A487-6378615D6A4A" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD2946B5-8AAF-4386-8C31-7D291C31BB7E" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5AB06C16-336C-4D85-84F6-24F079A2B144" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4FB1C531-AA30-4B89-A8BF-744B053B4983" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD0AE7F4-49F8-443A-9C8F-2F1C42F46713" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0203A997-A077-4A8A-A3FE-CA9D10FF43AC" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "574E610A-4799-45C9-B005-C1593B033AD9" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F3B9680-3A66-4508-A318-B9B348FDC222" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9BDADD27-8249-4DE3-A2B5-EE1A3AD73F28" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E3417F0-EBAF-405E-A26E-F3EA570A0447" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87178F45-424A-47D8-BEA5-B8371B722CC5" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": 
"38CCB2E6-7722-4F23-AEF4-E720D1D63801" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2FA0450-91E6-4250-A1D1-F2CFBB74A5B3" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "98D93656-A4D2-44C4-82EC-55C8BE1A7304" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BAEAE47F-5A26-474E-8F7F-72976A8FEBA3" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E188A80A-980F-4AD8-B3B8-21D303121F35" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E730A3A8-8A60-4CC5-B167-26984DE0DA3E" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA19F5B2-7C5C-43DD-85ED-E2CD4EF6E748" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "778E5678-B763-415E-AA35-EF644E7A2CD0" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.3:beta1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7DEC1EBC-1DBA-4350-8B34-7A872C62B6BC" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.3:beta2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "078B102C-748B-4847-8413-71659982AF01" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F8649F4-1A33-41AE-888F-2D6BB19BCB6C" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2DC37F28-C58A-4492-A107-4348ECE9AAFA" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "206B72EC-895E-4DA0-B41B-AAE41E53C108" }, { "criteria": 
"cpe:2.3:a:cmsmadesimple:cms_made_simple:1.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC131029-CE9C-437E-B3D3-7924062E14D1" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF34A817-09AC-4C7E-916B-1B158C5EE599" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20E8FFE1-9431-4146-AFD3-5491F5FE3C23" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.5.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1016173-D980-4909-86C0-81C94711FE27" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "068BF668-9626-4CA4-A401-1946DCF916AC" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA029BD9-1025-4802-BAE2-BEE218715FC2" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9928102A-27E2-4604-93F4-318BA7CDCAFA" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1EECFB4-7001-411F-BBAE-BABD5248E4B6" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40C6F2FA-0518-4B2A-9F05-51897A16AF6A" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A35145EB-E7A7-48EC-91A9-9D423F316712" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "589C199E-12F9-41CF-BFE0-4B952B773460" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7BB9992D-2EF4-4DBF-898A-6284A074403E" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": 
"2F14D3BD-5835-4206-BE44-72F31F46D067" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61F2E017-EEBD-473F-A15A-FD7B52A74E5A" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE7E3436-2FF9-4DC6-A552-A46330220AF4" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C5A4D84-4C6D-453D-B1D3-2445DD7213C1" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4EC3F038-4441-4409-9384-26565F6385EB" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CF32C8E8-0937-453E-9487-395331A50611" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9523997A-4302-411D-8BF2-711A28969704" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "95ED7D98-40D4-41C3-8029-EDC5A41EEBAF" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.9.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D3F744F6-DCAE-486A-BED8-F560186628C8" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.9.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A152CC40-72E0-4200-8670-CD99C69141EB" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.9.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9B346F2-919D-4D5E-AFFF-25531AC3676E" }, { "criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.9.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7C0B4EB-BA28-4BBE-8A73-926DC0B38F54" } ], "operator": "OR" } ] } ]