CVE-2008-1231
CVE-2008-1231
Directory traversal vulnerability in Edit.jsp in JSPWiki 2.4.104 and 2.5.139 allows remote attackers to include and execute arbitrary local .jsp files, and obtain sensitive information, via a .. (dot dot) in the editor parameter.
Affected products
n/a · n/apublic PoCs found — 1
cve_referencewww.exploit-db.com/exploits/5112unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://marc.info/?l=bugtraq&m=120300554011544&w=2http://secunia.com/advisories/28969https://exchange.xforce.ibmcloud.com/vulnerabilities/40508https://www.exploit-db.com/exploits/5112http://www.bugsec.com/articles.php?Security=48&Web-Application-Firewall=0http://www.securityfocus.com/bid/27785