Unrated severityNVD Advisory· Published Sep 11, 2009· Updated Jun 16, 2026
CVE-2009-3167
CVE-2009-3167
Description
Directory traversal vulnerability in index.php in Anantasoft Gazelle CMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the template parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:anantasoft:gazelle_cms:1.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:anantasoft:gazelle_cms:1.0:*:*:*:*:*:*:*
- (no CPE)range: =1.0
Patches
Vulnerability mechanics
References
4- www.securityfocus.com/bid/33483nvdExploit
- secunia.com/advisories/33686nvdVendor Advisory
- www.exploit-db.com/exploits/7895nvd
- www.exploit-db.com/exploits/9425nvd
News mentions
0No linked articles in our index yet.