Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5642

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-5642
Last Modified 07 Mar 2011 10:14:53
Published 17 Dec 2008 12:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-5642

Summary

Directory traversal vulnerability in admin/login.php in CMS Made Simple 1.4.1 allows remote attackers to read arbitrary files via a .. (dot dot) in a cms_language cookie.

Vulnerable Systems

Application

  • Cmsmadesimple Cms Made Simple 1.4.1


References

XF - cmsmadesimple-login-file-include(46942)

VUPEN - ADV-2008-3306

BID - 32535

MILW0RM - 7285

SREASON - 4775

SECUNIA - 32924


Last Updated: 27 May 2016 10:48:52