CVE-2008-0818

2008-02-1920:00:00

mitre

www.cve.org

AI Score

7.3

Confidence

Low

EPSS

0.028

Percentile

90.7%

JSON

Multiple directory traversal vulnerabilities in freePHPgallery 0.6 allow remote attackers to include and execute arbitrary local files via a … (dot dot) in the lang cookie to (1) comment.php, (2) index.php, and (3) show.php.

References

secunia.com/advisories/28972

sourceforge.net/forum/forum.php?forum_id=785794

www.securityfocus.com/bid/27806

www.vupen.com/english/advisories/2008/0589

www.exploit-db.com/exploits/5124