cpe:/a:elinestudio:site_composer:2.6 CVE-2008-2863 2008-06-25T08:36:00.000-04:00 2017-09-28T21:31:22.367-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-06-25T15:14:00.000-04:00 BUGTRAQ 20080619 eLineStudio Site Composer (ESC) <=2.6 Multiple Vulnerabilities BID 29812 SECUNIA 30762 SREASON 3957 EXPLOIT-DB 5859 XF esc-inpcurrfolder-unauthorized-access(43193) MISC http://www.bugreport.ir/?/45 Multiple absolute path traversal vulnerabilities in eLineStudio Site Composer (ESC) 2.6 allow remote attackers to create or delete arbitrary directories via a full pathname in the inpCurrFolder parameter to (1) folderdel_.asp or (2) foldernew.asp in cms/assetmanager/.