CVE-2008-7178

2009-09-0810:00:00

mitre

www.cve.org

AI Score

6.7

Confidence

Low

EPSS

0.011

Percentile

84.4%

JSON

Directory traversal vulnerability in Uploader module 1.1 for XOOPS allows remote attackers to read arbitrary files via a … (dot dot) in the filename parameter in a downloadfile action to index.php.

References

www.securityfocus.com/bid/29600

exchange.xforce.ibmcloud.com/vulnerabilities/42925

www.exploit-db.com/exploits/5756