CVE-2008-0481
published 2008-01-29CVE-2008-0481: Directory traversal vulnerability in RTE_file_browser.asp in Web Wiz Rich Text Editor 4.0 allows remote attackers to list arbitrary directories, and .txt and…
PriorityP431medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
3.88%
88.9th percentile
Directory traversal vulnerability in RTE_file_browser.asp in Web Wiz Rich Text Editor 4.0 allows remote attackers to list arbitrary directories, and .txt and .zip files, via a .....\\\ in the sub parameter in a save action.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| web_wiz | rich_text_editor | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Bugzilla
CVE-2008-4437 CVE-2008-6098, CVE-2009-048[13456] bugzilla: multiple issues [F10]
bugzilla·2009-02-09·CVSS 7.1
CVE-2008-4437 [HIGH] CVE-2008-4437 CVE-2008-6098, CVE-2009-048[13456] bugzilla: multiple issues [F10]
CVE-2008-4437 CVE-2008-6098, CVE-2009-048[13456] bugzilla: multiple issues [F10]
F10 tracking bug: see blocks bug list for full details of the security issue(s).
[bug automatically created by: add-tracking-bugs]
Discussion:
You can eventually use the following link to create the update request:
https://admin.fedoraproject.org/updates/new/?request=Stable&type_=security&release=Fedora%2010&bugs=484756,
---
Correct update submission URL is:
https://admin.fedoraproject.org/updates/new/?request=Stable&type_=security&bugs=484756,CVE-2008-6098,CVE-2009-0481,CVE-2009-0482,CVE-2009-0483,CVE-2009-0484,CVE-2009-0485,CVE-2009-0486
---
*** Bug 465959 has been marked as a duplicate of this bug. ***
---
CVE-2008-4437 fixed in upstream 3.0.5 is still unfixed too, adding it to this tracking bug
Bugzilla
CVE-2008-4437 CVE-2008-6098, CVE-2009-048[13456] bugzilla: multiple issues [F9]
bugzilla·2009-02-09·CVSS 7.1
CVE-2008-4437 [HIGH] CVE-2008-4437 CVE-2008-6098, CVE-2009-048[13456] bugzilla: multiple issues [F9]
CVE-2008-4437 CVE-2008-6098, CVE-2009-048[13456] bugzilla: multiple issues [F9]
F9 tracking bug: see blocks bug list for full details of the security issue(s).
[bug automatically created by: add-tracking-bugs]
Discussion:
You can eventually use the following link to create the update request:
https://admin.fedoraproject.org/updates/new/?request=Stable&type_=security&release=Fedora%209&bugs=484757,
---
Correct update submission URL is:
https://admin.fedoraproject.org/updates/new/?request=Stable&type_=security&bugs=484757,CVE-2008-6098,CVE-2009-0481,CVE-2009-0482,CVE-2009-0483,CVE-2009-0484,CVE-2009-0485,CVE-2009-0486
---
*** Bug 465958 has been marked as a duplicate of this bug. ***
---
CVE-2008-4437 fixed in upstream 3.0.5 is still unfixed too, adding it to this tracking bug, u
http://secunia.com/advisories/28639http://securityreason.com/securityalert/3584http://securitytracker.com/id?1019267http://www.bugreport.ir/?/31http://www.securityfocus.com/archive/1/486868/100/0/threadedhttp://www.securityfocus.com/bid/27419http://www.webwizguide.com/webwizrichtexteditor/kb/release_notes.asphttps://exchange.xforce.ibmcloud.com/vulnerabilities/39868https://www.exploit-db.com/exploits/4971http://secunia.com/advisories/28639http://securityreason.com/securityalert/3584http://securitytracker.com/id?1019267http://www.bugreport.ir/?/31http://www.securityfocus.com/archive/1/486868/100/0/threadedhttp://www.securityfocus.com/bid/27419http://www.webwizguide.com/webwizrichtexteditor/kb/release_notes.asphttps://exchange.xforce.ibmcloud.com/vulnerabilities/39868https://www.exploit-db.com/exploits/4971
2008-01-29
Published