Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0513

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2008-0513
Last Modified 07 Mar 2011 10:04:49
Published 31 Jan 2008 03:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-0513

Summary

Directory traversal vulnerability in parser/include/class.cache_phpcms.php in phpCMS 1.2.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to parser/parser.php, as demonstrated by a filename ending with %00.gif, a different vector than CVE-2005-1840.

Vulnerable Systems

Application

  • Phpcms 1.2.2


References

XF - phpcms-parser-directory-traversal(40017)

VUPEN - ADV-2008-0353

BID - 27495

BUGTRAQ - 20080129 Re: Remote File Disclosure in phpCMS 1.2.2

BUGTRAQ - 20080129 Remote File Disclosure in phpCMS 1.2.2

MILW0RM - 5006

SECUNIA - 28709


Last Updated: 27 May 2016 10:46:50