Unrated severityNVD Advisory· Published Feb 24, 2009· Updated Apr 23, 2026

CVE-2009-0729

Description

Multiple directory traversal vulnerabilities in Page Engine CMS 2.0 Basic and Pro allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the fPrefix parameter to (1) modules/recent_poll_include.php, (2) modules/login_include.php, and (3) modules/statistics_include.php and (4) configuration.inc.php in includes/. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected products

Lingx/Page Engine CMS2 versions
cpe:2.3:a:lingx:page_engine_cms:2.0:-:basic:*:*:*:*:*+ 1 more
- cpe:2.3:a:lingx:page_engine_cms:2.0:-:basic:*:*:*:*:*
- cpe:2.3:a:lingx:page_engine_cms:2.0:-:pro:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/33983nvdVendor Advisory
osvdb.org/52175nvd
osvdb.org/52176nvd
osvdb.org/52177nvd
osvdb.org/52178nvd
www.securityfocus.com/bid/33860nvd
exchange.xforce.ibmcloud.com/vulnerabilities/48856nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000