Description

e107 CMS version 3.2.1 contains a critical file upload vulnerability that allows authenticated administrators to override arbitrary server files through path traversal. The vulnerability exists in the Media Manager's remote URL upload functionality (image.php) where the upload_caption parameter is not properly sanitized. An attacker with administrative privileges can use directory traversal sequences (../../../) in the upload_caption field to overwrite critical system files outside the intended upload directory. This can lead to complete compromise of the web application by overwriting configuration files, executable scripts, or other critical system components. The vulnerability was discovered by Hubert Wojciechowski and affects the image.php component in the admin interface.

Related CPE's

a

e107

e107

3.2.1

Vulnerable

References

https://e107.org/

Product

https://e107.org/download

Product

https://www.exploit-db.com/exploits/50910

ExploitThird Party AdvisoryVDB Entry

https://www.vulncheck.com/advisories/e-cms-upload-restriction-bypass-with-path-traversal-file-override

Third Party Advisory

https://www.exploit-db.com/exploits/50910

ExploitThird Party AdvisoryVDB Entry

Weaknesses

[email protected]

Secondary
CWE-22CWE-434

[email protected]

Primary
CWE-22

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7.2 · High

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2026-01-13T23:15:59.233Z

1 week ago

Last modified

2026-01-20T18:03:06.060Z

9 hours ago