[Forgot Password]
Login  Register Subscribe

24128

 
 

131573

 
 

110204

 
 

909

 
 

85984

 
 

136

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2008-4358Date: (C)2008-09-30   (M)2018-02-19


Unspecified vulnerability in class/theme.class.php in SPAW Editor PHP Edition before 2.0.8.1 has unknown impact and attack vectors, probably related to directory traversal sequences in the theme name.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : CVSS Score : 10.0
Exploit Score: Exploit Score: 10.0
Impact Score: Impact Score: 10.0
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: Access Vector: NETWORK
Attack Complexity: Access Complexity: LOW
Privileges Required: Authentication: NONE
User Interaction: Confidentiality: COMPLETE
Scope: Integrity: COMPLETE
Confidentiality: Availability: COMPLETE
Integrity:  
Availability:  
  
Reference:
BID-31185
SECUNIA-31796
http://blog.solmetra.com/2008/09/10/spaw-editor-php-edition-hotfix-release/
http://sourceforge.net/project/shownotes.php?release_id=625333&group_id=77954
http://spaw.svn.sourceforge.net/viewvc/spaw/spaw2/trunk/class/theme.class.php?r1=151&r2=359
spaweditor-themeclass-unspecified(45104)

CWE    1
CWE-20

© SecPod Technologies