CVE-2008-3363

2008-07-3016:03:00

mitre

www.cve.org

AI Score

Confidence

Low

EPSS

0.057

Percentile

93.4%

JSON

Directory traversal vulnerability in user_portal.php in the Dokeos E-Learning System 1.8.5 on Windows allows remote attackers to include and execute arbitrary local files via a …\ (dot dot backslash) in the include parameter.

References

secunia.com/advisories/30987

securityreason.com/securityalert/4056

www.dokeos.com/wiki/index.php/Security#Dokeos_1.8.5

www.securityfocus.com/archive/1/494496/100/0/threaded

www.securityfocus.com/bid/30150

www.vupen.com/english/advisories/2008/2208/references

exchange.xforce.ibmcloud.com/vulnerabilities/43865

www.exploit-db.com/exploits/6149