From 4417314cc4cbb3daaa58bea14edc3a4b7d111ea9 Mon Sep 17 00:00:00 2001 From: MostInterestingBotInTheWorld <98333686+MostInterestingBotInTheWorld@users.noreply.github.com> Date: Fri, 13 May 2022 09:52:44 -0400 Subject: [PATCH] Enhancement: cves/2018/CVE-2018-16836.yaml by mp --- cves/2018/CVE-2018-16836.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/cves/2018/CVE-2018-16836.yaml b/cves/2018/CVE-2018-16836.yaml index 87e87bd4aa..4a2d1fe6a7 100644 --- a/cves/2018/CVE-2018-16836.yaml +++ b/cves/2018/CVE-2018-16836.yaml @@ -1,13 +1,14 @@ id: CVE-2018-16836 info: - name: Rubedo CMS 3.4.0 - Directory Traversal + name: Rubedo CMS <=3.4.0 - Directory Traversal author: 0x_Akoko severity: critical - description: Rubedo through 3.4.0 contains a Directory Traversal vulnerability in the theme component, allowing unauthenticated attackers to read and execute arbitrary files outside of the service root path, as + description: Rubedo CMS through 3.4.0 contains a directory traversal vulnerability in the theme component, allowing unauthenticated attackers to read and execute arbitrary files outside of the service root path, as demonstrated by a /theme/default/img/%2e%2e/..//etc/passwd URI. reference: - https://www.exploit-db.com/exploits/45385 + - https://nvd.nist.gov/vuln/detail/CVE-2018-16836 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -29,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by mp on 2022/05/13
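Review bot: In the first hunk (the `info` block of cves/2018/CVE-2018-16836.yaml), the reworded `description` is still a plain scalar that wraps onto a second line ("... outside of the service root path, as" followed by "demonstrated by a /theme/default/img/%2e%2e/..//etc/passwd URI."), so the full text depends on YAML line folding and on the continuation line keeping its indentation. Consider a block scalar (`description: |`) or a single quoted line so a later re-indent cannot truncate the description or change how the encoded path is parsed. The `<=3.4.0` in the new name agrees with "through 3.4.0" in the description, and the added NVD reference matches the template id.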
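Review bot: In the second hunk (end of the file, after the `status: - 200` matcher), the added trailing comment `# Enhanced by mp on 2022/05/13` repeats what the commit subject and date already record. Prefer leaving that to git history, or to a metadata field if the project wants it machine-readable, so the template body does not accumulate edit stamps. Separately, the context lines show a status-200 matcher closing the file; if it is not combined under an AND condition with a body matcher earlier in the template (not visible in this hunk), a 200 response alone does not confirm that the traversal actually returned file contents, and this enhancement pass would be a good place to check that.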