Acuity CMS 2.6.x (ASP-based) versions are vulnerable to Path Traversal.
Acuity CMS is a powerful but simple, extremely easy to use, low
priced, easy to deploy content management system. It is a leader in
its price and feature class.
3. VULNERABILITY DESCRIPTION
The issue is due to the script, /admin/file_manager/browse.asp, not
properly sanitizing user input, specifically directory traversal style
attacks (e.g., ../../) supplied via the 'path' parameter. It would
allow the attacker to access arbitrary files outside of web root
4. VERSIONS AFFECTED
Tested with version 2.6.2.
The Acunity CMS is no longer in active development.
It is recommended to user another CMS in active development and support.
Aung Khant, http://yehg.net, YGN Ethical Hacker Group, Myanmar.
9. DISCLOSURE TIME-LINE
2012-05-20: vulnerability disclosed
Original Advisory URL: