Lucene search

K
nvd[email protected]NVD:CVE-2008-5878
HistoryJan 08, 2009 - 7:30 p.m.

CVE-2008-5878

2009-01-0819:30:11
CWE-22
web.nvd.nist.gov
1

7.4 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

72.4%

Multiple directory traversal vulnerabilities in Phpclanwebsite (aka PCW) 1.23.3 Fix Pack 5 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, allow remote attackers to include and execute arbitrary files via a … (dot dot) in the (1) boxname parameter to theme/superchrome/box.php and the (2) theme parameter to phpclanwebsite/footer.php.

Affected configurations

NVD
Node
phpclanwebsitephpclanwebsiteRange1.23.3
OR
phpclanwebsitephpclanwebsiteMatch1.20
OR
phpclanwebsitephpclanwebsiteMatch1.21
OR
phpclanwebsitephpclanwebsiteMatch1.22
OR
phpclanwebsitephpclanwebsiteMatch1.23
OR
phpclanwebsitephpclanwebsiteMatch1.23.1
OR
phpclanwebsitephpclanwebsiteMatch1.23.2

7.4 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

72.4%

Related for NVD:CVE-2008-5878