Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2982


Vulnerability Score 6.8 6.8
CVE Id CVE-2008-2982
Last Modified 05 Sep 2008 05:41:47
Published 02 Jul 2008 01:14:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Multiple directory traversal vulnerabilities in HomePH Design 2.10 RC2, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) thumb_template parameter to (a) admin/templates/template_thumbnail.php, and the (2) language parameter to (b) account/account.php, (c) downloads/downloads.php, (d) forum/forum.php, (e) fotogalerie/delete.php, and (f) fotogalerie/fotogalerie.php in admin/features/.

Vulnerable Systems


  • Homeph Design 2.10


XF - homephdesign-language-file-include(43258)

MILW0RM - 5903

Last Updated: 27 May 2016 10:48:02