cpe:/a:bitweaver:bitweaver:1.1 cpe:/a:bitweaver:bitweaver:1.1.1_beta cpe:/a:bitweaver:bitweaver:1.2.1 cpe:/a:bitweaver:bitweaver:1.3 cpe:/a:bitweaver:bitweaver:1.3.1 cpe:/a:bitweaver:bitweaver:2.0.0 cpe:/a:bitweaver:bitweaver:2.0.2 cpe:/a:bitweaver:bitweaver:2.5 cpe:/a:bitweaver:bitweaver:2.6 CVE-2009-1678 2009-05-18T14:30:01.170-04:00 2017-09-28T21:34:30.810-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-05-19T10:25:00.000-04:00 BUGTRAQ 20090512 Bitweaver <= 2.6 /boards/boards_rss.php / saveFeed() remote code execution exploit BID 34910 SECUNIA 35057 EXPLOIT-DB 8659 Directory traversal vulnerability in the saveFeed function in rss/feedcreator.class.php in Bitweaver 2.6 and earlier allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the version parameter to boards/boards_rss.php.