CVE-2008-1324
published 2008-03-13CVE-2008-1324: Multiple directory traversal vulnerabilities in index.php in Travelsized CMS 0.4.1 allow remote attackers to include and execute arbitrary local files via a .…
PriorityP338high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
2.30%
81.1th percentile
Multiple directory traversal vulnerabilities in index.php in Travelsized CMS 0.4.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) page_id and (2) language parameters. NOTE: this might be the same issue as CVE-2008-1325.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| leinir | travelsized_cms | — | — |
| leinir_turthra | uberghey_cms | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-j8q5-wx9w-2f7c: Multiple directory traversal vulnerabilities in index
ghsa_unreviewed·2022-05-01·CVSS 7.5
CVE-2008-1325 [HIGH] CWE-22 GHSA-j8q5-wx9w-2f7c: Multiple directory traversal vulnerabilities in index
Multiple directory traversal vulnerabilities in index.php in Uberghey CMS 0.3.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) page_id and (2) language parameters. NOTE: this might be the same issue as CVE-2008-1324.
GHSA
GHSA-44r2-g9hq-xqp6: Multiple directory traversal vulnerabilities in index
ghsa_unreviewed·2022-05-01·CVSS 7.5
CVE-2008-1324 [HIGH] CWE-22 GHSA-44r2-g9hq-xqp6: Multiple directory traversal vulnerabilities in index
Multiple directory traversal vulnerabilities in index.php in Travelsized CMS 0.4.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) page_id and (2) language parameters. NOTE: this might be the same issue as CVE-2008-1325.
No detection rules found.
No writeups or analysis indexed.
http://securityreason.com/securityalert/3740http://www.securityfocus.com/archive/1/489457/100/0/threadedhttp://www.securityfocus.com/bid/28218https://exchange.xforce.ibmcloud.com/vulnerabilities/41168http://securityreason.com/securityalert/3740http://www.securityfocus.com/archive/1/489457/100/0/threadedhttp://www.securityfocus.com/bid/28218https://exchange.xforce.ibmcloud.com/vulnerabilities/41168
2008-03-13
Published