Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1125

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-1125
Last Modified 05 Sep 2008 05:36:52
Published 03 Mar 2008 05:44:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-1125

Summary

Multiple directory traversal vulnerabilities in Podcast Generator 1.0 BETA 2 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) theme_path parameter to core/themes.php and the (2) filename parameter to download.php.

Vulnerable Systems

Application

  • Podcast Generator 1.0


References

MILW0RM - 5200

BID - 28038


Last Updated: 27 May 2016 10:47:02