CVE-2008-2993

🗓️ 03 Jul 2008 17:47:00Reported by mitreType

cve

cve🔗 web.nvd.nist.gov👁 37 Views🌐 WEB

Multiple directory traversal vulnerabilities in FOG Forum 0.8.

Reporter	Title	Published	Views	Family All 5
Circl	CVE-2008-2993	11 Jun 200800:00	–	circl
Cvelist	CVE-2008-2993	3 Jul 200817:47	–	cvelist
EUVD	EUVD-2008-2983	7 Oct 202500:30	–	euvd
NVD	CVE-2008-2993	3 Jul 200818:41	–	nvd
Prion	Directory traversal	3 Jul 200818:41	–	prion

NVD

Node

fog fog_forumMatch0.8.1

Source	Link
exploit-db	www.exploit-db.com/exploits/5784
securityreason	www.securityreason.com/securityalert/3971
securityfocus	www.securityfocus.com/bid/29651
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/42985
secunia	www.secunia.com/advisories/30613

Parameter	Position	Path	Description	CWE
fog_lang	query param	/index.php	Directory traversal vulnerability via dot-dot in multiple parameters to index.php allowing inclusion/execution of local files.	CWE-22
fog_skin	query param	/index.php	Directory traversal vulnerability via dot-dot in multiple parameters to index.php allowing inclusion/execution of local files.	CWE-22
fog_pseudo	query param	/index.php	Directory traversal vulnerability via dot-dot in multiple parameters to index.php allowing inclusion/execution of local files.	CWE-22
fog_posted	query param	/index.php	Directory traversal vulnerability via dot-dot in multiple parameters to index.php allowing inclusion/execution of local files.	CWE-22
fog_password	query param	/index.php	Directory traversal vulnerability via dot-dot in multiple parameters to index.php allowing inclusion/execution of local files.	CWE-22
fog_cook	query param	/index.php	Directory traversal vulnerability via dot-dot in multiple parameters to index.php allowing inclusion/execution of local files.	CWE-22

16 Jun 2026 22:54Current

7.4High risk

Vulners AI Score7.4

CVSS 27.5

EPSS0.02371

cve-2008-2993 directory traversal fog forum remote attack arbitrary file inclusion security vulnerability nvd