Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2974


Vulnerability Score 6.8 6.8
CVE Id CVE-2008-2974
Last Modified 08 Apr 2009 01:27:22
Published 02 Jul 2008 01:14:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Directory traversal vulnerability in chatconfig.php in MM Chat 1.5, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the currentlang parameter.

Vulnerable Systems


  • Mm Chat 1.5


XF - mmchat-chatconfig-file-include(43327)

BID - 29910

MILW0RM - 5919

Last Updated: 27 May 2016 10:48:02