Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2008-7064
HistoryAug 25, 2009 - 10:00 a.m.

CVE-2008-7064

2009-08-2510:00:00
mitre
www.cve.org

7.3 High

AI Score

Confidence

High

0.08 Low

EPSS

Percentile

94.3%

JSON

Directory traversal vulnerability in the get_lang function in global.php in Quicksilver Forums 1.4.2 and earlier, as used in QSF Portal before 1.4.5, when running on Windows, allows remote attackers to include and execute arbitrary local files via a "" (backslash) in the lang parameter to index.php, which bypasses a protection mechanism that only checks for “/” (forward slash), as demonstrated by uploading and including PHP code in an avatar file.

Related

openvas 2
nvd 1
cve 1
prion 1
openvas
openvas
Quicksilver Forums Local File Include and Arbitrary File Upload Vulnerabilities
2010-02-23 00:00:00
Quicksilver Forums Local File Include and Arbitrary File Upload Vulnerabilities
2010-02-23 00:00:00
nvd
nvd
CVE-2008-7064
2009-08-25 10:30:00
cve
cve
CVE-2008-7064
2009-08-25 10:30:00
prion
prion
Directory traversal
2009-08-25 10:30:00

7.3 High

AI Score

Confidence

High

0.08 Low

EPSS

Percentile

94.3%

JSON
Related for CVELIST:CVE-2008-7064
openvas2nvd1cve1prion1