Lucene search
MitreCVELIST:CVE-2008-3851HistoryAug 27, 2008 - 11:00 p.m.
CVE-2008-3851
2008-08-2723:00:00
mitre
www.cve.org
3
Multiple directory traversal vulnerabilities in Pluck CMS 4.5.2 on Windows allow remote attackers to include and execute arbitrary local files via a …\ (dot dot backslash) in the (1) blogpost, (2) cat, and (3) file parameters to data/inc/themes/predefined_variables.php, as reachable through index.php; and the (4) blogpost and (5) cat parameters to data/inc/blog_include_react.php, as reachable through index.php. NOTE: the issue involving vectors 1 through 3 reportedly exists because of an incomplete fix for CVE-2008-3194.
Related
cve
cve
prion
prion
Directory traversal
2008-08-27 23:41:00
Directory traversal
2008-07-16 18:41:00
Directory traversal
2009-05-22 18:30:00
nvd
nvd
nessus
nessus
pluck < 4.5.3 Multiple Local File Include Vulnerabilities
2008-09-11 00:00:00
cvelist
cvelist
CVE-2008-3194
2008-07-16 18:00:00
CVE-2009-1765
2009-05-22 18:00:00