← volver
CVE-2008-3555

CVE-2008-3555

EPSS 1.9%
Directory traversal vulnerability in index.php in (1) WSN Forum 4.1.43 and earlier, (2) Gallery 4.1.30 and earlier, (3) Knowledge Base (WSNKB) 4.1.36 and earlier, (4) Links 4.1.44 and earlier, and possibly (5) Classifieds before 4.1.30 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the TID parameter, as demonstrated by uploading a .jpg file containing PHP sequences.
Productos afectados
n/a · n/a
PoCs públicas encontradas1
cve_referencewww.exploit-db.com/exploits/6208no verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://secunia.com/advisories/31392http://securityreason.com/securityalert/4120https://exchange.xforce.ibmcloud.com/vulnerabilities/44236https://www.exploit-db.com/exploits/6208