CVE-2008-3415
N/A
N/A
Summary
Directory traversal vulnerability in common.php in CMScout 2.05, when .htaccess is not supported, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the bit parameter, as demonstrated by an upload to avatar/ of a .jpg file containing PHP sequences.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://secunia.com/advisories/31243
- http://www.cmscout.co.za/index.php?page=news&id=29
- http://securityreason.com/securityalert/4093
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44017
- http://www.vupen.com/english/advisories/2008/2218/references
- http://www.securityfocus.com/bid/30385
- https://www.exploit-db.com/exploits/6142
References
- http://secunia.com/advisories/31243
- http://www.cmscout.co.za/index.php?page=news&id=29
- http://securityreason.com/securityalert/4093
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44017
- http://www.vupen.com/english/advisories/2008/2218/references
- http://www.securityfocus.com/bid/30385
- https://www.exploit-db.com/exploits/6142
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.