cpe:/a:kwsphp:kwsphp:1.3.456 CVE-2008-6201 2009-02-19T20:30:05.017-05:00 2017-10-18T21:30:16.440-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-02-20T12:00:00.000-05:00 ALLOWS_OTHER_ACCESS BUGTRAQ 20080415 KwsPHP (Upload) Remote Code Execution Exploit BID 28788 SECUNIA 29802 EXPLOIT-DB 5449 VUPEN ADV-2008-1241 CONFIRM http://koogar.alorys-hebergement.com/kwsphp/index.php?mod=news&ac=commentaires&id=49 XF kwsphp-help-file-include(41950) Directory traversal vulnerability in help.php in the eskuel module in KwsPHP 1.3.456, as available before 20080416, allows remote attackers to execute arbitrary commands via the action parameter. NOTE: some of these details are obtained from third party information.