Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0290


Vulnerability Score 6.8 6.8
CVE Id CVE-2009-0290
Last Modified 27 Jan 2009 12:00:00
Published 27 Jan 2009 02:30:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Directory traversal vulnerability in common.php in SIR GNUBoard 4.31.03 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the g4_path parameter. NOTE: in some environments, this can be leveraged for remote code execution via a data: URI or a UNC share pathname.

Vulnerable Systems


  • Sir Gnuboard 4.31.03


XF - gnuboard-common-file-include(48015)

BID - 33304

MILW0RM - 7792

SECUNIA - 33564

Last Updated: 27 May 2016 10:50:11