[Forgot Password]
Login  Register Subscribe

23631

 
 

115084

 
 

97559

 
 

909

 
 

78730

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2008-6726

Date: (C)2009-04-17   (M)2017-10-04
 
CVSS Score: 6.0Access Vector: NETWORK
Exploitability Subscore: 6.8Access Complexity: MEDIUM
Impact Subscore: 6.4Authentication: SINGLE_INSTANCE
 Confidentiality: PARTIAL
 Integrity: PARTIAL
 Availability: PARTIAL











Multiple directory traversal vulnerabilities in CMScout 2.06, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the bit parameter to (1) admin.php and (2) index.php, different vectors than CVE-2008-3415.

Reference:
BID-33068
SECUNIA-33375
OSVDB-51119
OSVDB-51120
EXPLOIT-DB-7625
cmscout-admin-index-file-include(47660)
http://www.cmscout.co.za/index.php?page=news&id=30

CPE    1
cpe:/a:cmscout:cmscout:2.06
CWE    1
CWE-22

© 2013 SecPod Technologies