CVE-2008-3365

Directory traversal vulnerability in index.php in Pixelpost 1.7.1 on Windows, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language_full parameter.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:microsoft:windows-nt:98:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:me:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:3.1:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:2008:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows-nt:95:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*
cpe:2.3:a:pixelpost:pixelpost:1.7.1:*:*:*:*:*:*:*

Information

Published : 2008-07-30 10:41

Updated : 2018-10-11 13:48


NVD link : CVE-2008-3365

Mitre link : CVE-2008-3365


JSON object : View

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Advertisement

dedicated server usa

Products Affected

microsoft

  • windows_2003_server
  • windows
  • windows_vista
  • windows_xp
  • windows-nt
  • windows_2000

pixelpost

  • pixelpost