Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6172

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2008-6172
Last Modified 30 Apr 2009 01:32:20
Published 19 Feb 2009 11:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-6172

Summary

Directory traversal vulnerability in captcha/captcha_image.php in the RWCards (com_rwcards) 3.0.11 component for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the img parameter.

Vulnerable Systems

Application

  • Weberr Rwcards 3.0.11


References

XF - rwcards-captchaimage-file-include(46081)

BID - 31892

MILW0RM - 6817

SECUNIA - 32367


Last Updated: 27 May 2016 10:49:06