[Forgot Password]
Login  Register Subscribe

23631

 
 

115084

 
 

97559

 
 

909

 
 

78730

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2008-6253

Date: (C)2009-02-24   (M)2017-10-11
 
CVSS Score: 6.8Access Vector: NETWORK
Exploitability Subscore: 8.6Access Complexity: MEDIUM
Impact Subscore: 6.4Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: PARTIAL
 Availability: PARTIAL











Directory traversal vulnerability in data/inc/lib/pcltar.lib.php in Pluck 4.5.3, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the g_pcltar_lib_dir parameter.

Reference:
http://www.securityfocus.com/archive/1/498438
BID-32342
SECUNIA-32736
EXPLOIT-DB-7153
http://www.pluck-cms.org/index.php?file=kop11.php
pluck-pcltarlib-file-include(46676)

CPE    1
cpe:/a:pluck-cms:pluck:4.5.3
CWE    1
CWE-22

© 2013 SecPod Technologies