Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
XOOPS Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability - CVE-2008-6884 - Vulnerability Database
XOOPS

XOOPS Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability - CVE-2008-6884

Medium
Reference: CVE-2008-6884
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2008-6884
Title: XOOPS Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Overview:

Multiple directory traversal vulnerabilities in XOOPS 2.3.1 when register_globals is enabled allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the xoopsConfiglanguage parameter to (1) blocks.php and (2) main.php in xoops_lib/modules/protector/.