← back
CVE-2008-3568

CVE-2008-3568

EPSS 2.9%
Absolute path traversal vulnerability in fckeditor/editor/filemanager/browser/default/connectors/php/connector.php in UNAK-CMS 1.5.5 allows remote attackers to include and execute arbitrary local files via a full pathname in the Dirroot parameter, a different vulnerability than CVE-2006-4890.1.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/32150unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://securityreason.com/securityalert/4123https://exchange.xforce.ibmcloud.com/vulnerabilities/44212http://www.securityfocus.com/archive/1/495090/100/0/threadedhttp://www.securityfocus.com/bid/30533