CVE-2008-1415

2008-03-2010:00:00

mitre

www.cve.org

6.8 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.8%

JSON

Directory traversal vulnerability in index.php in Multiple Time Sheets (MTS) 5.0 and earlier allows remote attackers to read arbitrary files via “…/…//” (modified dot dot) sequences in the tab parameter.

References

securityreason.com/securityalert/3756

www.securityfocus.com/archive/1/489689/100/0/threaded

www.securityfocus.com/bid/28263

www.vupen.com/english/advisories/2008/0911/references

www.exploit-db.com/exploits/5262