CVE-2008-3555
N/A
N/A
Summary
Directory traversal vulnerability in index.php in (1) WSN Forum 4.1.43 and earlier, (2) Gallery 4.1.30 and earlier, (3) Knowledge Base (WSNKB) 4.1.36 and earlier, (4) Links 4.1.44 and earlier, and possibly (5) Classifieds before 4.1.30 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the TID parameter, as demonstrated by uploading a .jpg file containing PHP sequences.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://secunia.com/advisories/31392
- http://securityreason.com/securityalert/4120
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44236
- https://www.exploit-db.com/exploits/6208
References
- http://secunia.com/advisories/31392
- http://securityreason.com/securityalert/4120
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44236
- https://www.exploit-db.com/exploits/6208
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.