CVE-2008-5748

2008-12-2915:00:00

mitre

www.cve.org

AI Score

8.1

Confidence

High

EPSS

0.085

Percentile

94.6%

JSON

Directory traversal vulnerability in plugins/spaw2/dialogs/dialog.php in BloofoxCMS 0.3.4 allows remote attackers to read arbitrary files via the (1) lang, (2) theme, and (3) module parameters.

References

osvdb.org/51006

secunia.com/advisories/33135

securityreason.com/securityalert/4820

www.securityfocus.com/bid/33013

exchange.xforce.ibmcloud.com/vulnerabilities/47611

www.exploit-db.com/exploits/7580