Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3128

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-3128
Last Modified 26 Nov 2012 10:48:39
Published 10 Jul 2008 07:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-3128

Summary

Directory traversal vulnerability in search.php in Pivot 1.40.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the t parameter.

Vulnerable Systems

Application

  • Pivot 1.40.5


References

XF - pivot-search-directory-traversal(43470)

BID - 30012

CONFIRM - http://pivot-weblog.svn.sourceforge.net/viewvc/pivot-weblog/branches/1.40.x/pivot/modules/module_parser.php?r1=1333&r2=1332&pathrev=1333

SECTRACK - 1020412

MILW0RM - 5973

SECUNIA - 30889

CONFIRM - http://forum.pivotlog.net/viewtopic.php?t=12471

VUPEN - ADV-2008-1991


Last Updated: 27 May 2016 10:58:30