← back
CVE-2011-0518

CVE-2011-0518

EPSS 15.8%
Vexday Risk Score
43Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS EPSS 15.8%KEV nãoPoC públicaNuclei simMetasploit simPatch
Lifecycle
10 Jan 2011Public PoC
20 Jan 2011Published on NVD
03 Mar 2011Metasploit module available
Weaponization speed
41 daysto Metasploit module
Recommendation: Plan a near-term fix — a public PoC already exists.
Directory traversal vulnerability in core/lib/router.php in LotusCMS Fraise 3.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via the system parameter to index.php.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.