Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1352

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-1352
Last Modified 05 Sep 2008 05:37:30
Published 17 Mar 2008 12:44:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-1352

Summary

Directory traversal vulnerability in search.php in EdiorCMS (ecms) 3.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the _SearchTemplate parameter during a Title search.

Vulnerable Systems

Application

  • Hangzhou Network Technology Development Ediorcms 3.0


References

XF - edior-search-directory-traversal(41189)

BID - 28242

BUGTRAQ - 20080313 Directory traversal in EdiorCMS V3.0

SREASON - 3746


Last Updated: 27 May 2016 10:47:07