CVE-2008-0459
25.01.2008, 16:00
Directory traversal vulnerability in update/index.php in Liquid-Silver CMS 0.35, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the update parameter.
Path Traversal
Vendor | Product | Version |
---|---|---|
liquidsilvercms | liquidsilvercms | 0.3 |
liquidsilvercms | liquidsilvercms | 0.35 |
𝑥
= Vulnerable software versions
References