← back
CVE-2008-0798

CVE-2008-0798

EPSS 2.4%
Multiple directory traversal vulnerabilities in artmedic webdesign weblog 1.0, when magic_quotes_gpc is disabled, allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) ta parameter to artmedic_index.php, reached through index.php; and the (2) date parameter to artmedic_print.php.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/5116unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/28927https://exchange.xforce.ibmcloud.com/vulnerabilities/40522https://www.exploit-db.com/exploits/5116http://www.securityfocus.com/archive/1/488115/100/100/threadedhttp://www.securityfocus.com/bid/27797