Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3562


Vulnerability Score 5.1 5.1
CVE Id CVE-2008-3562
Last Modified 05 Sep 2008 05:43:25
Published 10 Aug 2008 04:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE



Directory traversal vulnerability in index.php in the Contact module in Chupix CMS 0.1.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the mods parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Systems


  • Chupix Cms 0.2.3

  • Chupix Cms Contact Module 0.1.0


XF - chupix-contact-index-file-include(44258)


BID - 30564

SECUNIA - 31362

Last Updated: 27 May 2016 10:48:14