cpe:/a:hotscripts:cyboards_php_lite:1.21 CVE-2008-3710 2008-08-19T15:41:00.000-04:00 2017-08-07T21:32:06.200-04:00 5.1 NETWORK HIGH NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-08-20T10:01:00.000-04:00 ALLOWS_OTHER_ACCESS VIM 20080819 CyBoards PHP uncertainties (RFI/path traversal) BID 30688 XF cyboardsphplite-multiple-file-include(44475) MISC http://packetstormsecurity.org/0808-exploits/cyboards-rfilfixss.txt Multiple directory traversal vulnerabilities in CyBoards PHP Lite 1.21 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) script_path parameter to (a) options.php and the (2) lang_code parameter to (b) copy_vip.php and (c) process_edit_board.php in adminopts/. NOTE: some of these vectors might not be vulnerabilities under proper installation.