CVE-2008-2863
CVE-2008-2863
Multiple absolute path traversal vulnerabilities in eLineStudio Site Composer (ESC) 2.6 allow remote attackers to create or delete arbitrary directories via a full pathname in the inpCurrFolder parameter to (1) folderdel_.asp or (2) foldernew.asp in cms/assetmanager/.
Affected products
n/a · n/apublic PoCs found — 1
cve_referencewww.exploit-db.com/exploits/5859unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://secunia.com/advisories/30762http://securityreason.com/securityalert/3957https://exchange.xforce.ibmcloud.com/vulnerabilities/43193https://www.exploit-db.com/exploits/5859http://www.bugreport.ir/?/45http://www.securityfocus.com/archive/1/493473/100/0/threadedhttp://www.securityfocus.com/bid/29812