CVE-2008-4781
published 2008-10-29CVE-2008-4781: Directory traversal vulnerability in update.php in MyKtools 2.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the…
PriorityP344high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
2.36%
81.6th percentile
Directory traversal vulnerability in update.php in MyKtools 2.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the langage parameter.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| easy-script | myktools | — | — |
| myktools | myktools | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-gqj5-mppp-ghq8: Directory traversal vulnerability in update
ghsa_unreviewed·2022-05-17
CVE-2008-4781 [HIGH] CWE-22 GHSA-gqj5-mppp-ghq8: Directory traversal vulnerability in update
Directory traversal vulnerability in update.php in MyKtools 2.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the langage parameter.
GHSA
GHSA-3x2c-7fr9-38mv: Directory traversal vulnerability in configuration_script
ghsa_unreviewed·2022-05-17·CVSS 7.5
CVE-2008-6273 [HIGH] CWE-22 GHSA-3x2c-7fr9-38mv: Directory traversal vulnerability in configuration_script
Directory traversal vulnerability in configuration_script.php in MyKtools 3.0 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the langage parameter, a different vulnerability than CVE-2008-4781. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/32432http://securityreason.com/securityalert/4526http://www.securityfocus.com/bid/31942http://www.vupen.com/english/advisories/2008/2941https://www.exploit-db.com/exploits/6850http://secunia.com/advisories/32432http://securityreason.com/securityalert/4526http://www.securityfocus.com/bid/31942http://www.vupen.com/english/advisories/2008/2941https://www.exploit-db.com/exploits/6850
2008-10-29
Published