VYPR
Unrated severityNVD Advisory· Published Sep 29, 2010· Updated Jun 16, 2026

CVE-2010-3468

CVE-2010-3468

Description

Directory traversal vulnerability in fileManager.cfc in Mura CMS 5.1 before 5.1.498 and 5.2 before 5.2.2809, and Sava CMS 5 through 5.2, allows remote attackers to read arbitrary files via a .. (dot dot) in the FILEID parameter to the default URI under tasks/render/file/.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

7
  • Blueriver/Muracms2 versions
    cpe:2.3:a:blueriver:mura_cms:5.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:blueriver:mura_cms:5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:blueriver:mura_cms:5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:blueriver:sava_cms:5.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:blueriver:sava_cms:5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:blueriver:sava_cms:5.0.122:*:*:*:*:*:*:*
    • cpe:2.3:a:blueriver:sava_cms:5.2:*:*:*:*:*:*:*
  • Range: >=5 <=5.2
  • Mura/Mura CMSllm-fuzzy
    Range: >=5.1 <5.1.498, >=5.2 <5.2.2809

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.