[Forgot Password]
Login  Register Subscribe

23631

 
 

117687

 
 

98503

 
 

909

 
 

79281

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2008-4358

Date: (C)2008-09-30   (M)2017-08-08 


Unspecified vulnerability in class/theme.class.php in SPAW Editor PHP Edition before 2.0.8.1 has unknown impact and attack vectors, probably related to directory traversal sequences in the theme name.

CVSS Score: 10.0Access Vector: NETWORK
Exploit Score: 10.0Access Complexity: LOW
Impact Score: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE





Reference:
BID-31185
SECUNIA-31796
http://blog.solmetra.com/2008/09/10/spaw-editor-php-edition-hotfix-release/
http://sourceforge.net/project/shownotes.php?release_id=625333&group_id=77954
http://spaw.svn.sourceforge.net/viewvc/spaw/spaw2/trunk/class/theme.class.php?r1=151&r2=359
spaweditor-themeclass-unspecified(45104)

CWE    1
CWE-20

© 2013 SecPod Technologies