CVE-2008-4741

2008-10-2717:00:00

mitre

www.cve.org

AI Score

6.6

Confidence

Low

EPSS

0.017

Percentile

87.9%

JSON

Directory traversal vulnerability in index.php in FAR-PHP 1.00, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a … (dot dot) in the c parameter.

References

marc.info/?l=bugtraq&m=121933211712734&w=2

secunia.com/advisories/31563

securityreason.com/securityalert/4507

www.securityfocus.com/archive/1/495672/100/0/threaded

www.securityfocus.com/bid/30781

exchange.xforce.ibmcloud.com/vulnerabilities/44606