CVE-2008-2227

2008-05-14T18:20:00
ID CVE-2008-2227
Type cve
Reporter cve@mitre.org
Modified 2017-08-08T01:30:00

Description

Multiple directory traversal vulnerabilities in PHP-Fusion Forum Rank System 6 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the settings[locale] parameter to (1) forum.php and (2) profile.php in infusions/rank_system/. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.