CVE-2008-4486

2008-10-0801:00:00

mitre

www.cve.org

7.1 High

AI Score

Confidence

High

0.022 Low

EPSS

Percentile

89.6%

JSON

Directory traversal vulnerability in index.php in SAC.php (SACphp), as used in Yerba 6.3 and earlier, allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the mod parameter.

References

secunia.com/advisories/32093

securityreason.com/securityalert/4368

www.securityfocus.com/archive/1/497103

www.securityfocus.com/bid/31606

www.vupen.com/english/advisories/2008/2754

exchange.xforce.ibmcloud.com/vulnerabilities/45708

www.exploit-db.com/exploits/6687