Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5201


Vulnerability Score 7.5 7.5
CVE Id CVE-2008-5201
Last Modified 20 Aug 2009 01:22:56
Published 21 Nov 2008 12:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Directory traversal vulnerability in index.php in OTManager CMS 24a allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the conteudo parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL.

Vulnerable Systems


  • Otmanager Cms 24a


XF - otmanager-conteudo-file-include(43459)

BID - 29992

MILW0RM - 5957

SREASON - 4644

Last Updated: 27 May 2016 10:48:44