Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0545


Vulnerability Score 7.5 7.5
CVE Id CVE-2008-0545
Last Modified 07 Mar 2011 10:04:52
Published 01 Feb 2008 03:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Multiple directory traversal vulnerabilities in Bubbling Library 1.32 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) uri parameter to (a) yui-menu.tpl.php, (b) simple.tpl.php, and (c) advanced.tpl.php in dispatcher/framework/; and the (2) page parameter to (d) yui-menu.php, (e) simple.php, and (f) advanced.php in dispatcher/framework/, different vectors than CVE-2008-0521.

Vulnerable Systems


  • Bubbling Library 1.32


VUPEN - ADV-2008-0347

BID - 27466

MILW0RM - 4991

XF - bubblinglibrary-page-uri-file-include(39969)

Last Updated: 27 May 2016 10:46:50