Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2081

Overview

Vulnerability Score 9.0 9.0
CVE Id CVE-2008-2081
Last Modified 05 Sep 2008 05:39:30
Published 05 May 2008 01:20:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2008-2081

Summary

Directory traversal vulnerability in index.php in Siteman 2.0.x2 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the module parameter.

Vulnerable Systems

Application

  • Siteman 2.0


References

XF - siteman-admin-code-execution(42022)

XF - siteman-index-directory-travesal(42021)

BID - 28943

MILW0RM - 5499

MISC - http://ircrash.com/english/index.php?topic=29.0


Last Updated: 27 May 2016 10:47:45