Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0703

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-0703
Last Modified 05 Sep 2008 05:35:46
Published 11 Feb 2008 08:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-0703

Summary

Multiple directory traversal vulnerabilities in sflog! 0.96 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) permalink or (2) section parameter to index.php, possibly involving includes/entries.inc.php and other files included by index.php.

Vulnerable Systems

Application

  • Sflog 0.96


References

XF - sflog-blog-index-directory-traversal(40115)

BID - 27541

BUGTRAQ - 20080131 sflog! 0.96 remote file disclosure vulnerabilities

MILW0RM - 5027

SREASON - 3629


Last Updated: 27 May 2016 10:46:54