Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5748

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-5748
Last Modified 29 Jan 2009 02:00:07
Published 29 Dec 2008 10:24:23
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-5748

Summary

Directory traversal vulnerability in plugins/spaw2/dialogs/dialog.php in BloofoxCMS 0.3.4 allows remote attackers to read arbitrary files via the (1) lang, (2) theme, and (3) module parameters.

Vulnerable Systems

Application

  • Bloofoxcms 0.3.4


References

XF - bloofoxcms-dialog-file-include(47611)

BID - 33013

MILW0RM - 7580

SREASON - 4820

SECUNIA - 33135

OSVDB - 51006


Last Updated: 27 May 2016 10:48:54