Описание
Directory traversal vulnerability in index.php in SAC.php (SACphp), as used in Yerba 6.3 and earlier, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the mod parameter.
Directory traversal vulnerability in index.php in SAC.php (SACphp), as used in Yerba 6.3 and earlier, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the mod parameter.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-4486
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45708
- https://www.exploit-db.com/exploits/6687
- http://secunia.com/advisories/32093
- http://securityreason.com/securityalert/4368
- http://www.securityfocus.com/archive/1/497103
- http://www.securityfocus.com/bid/31606
- http://www.vupen.com/english/advisories/2008/2754
Связанные уязвимости
nvd
больше 17 лет назад
Directory traversal vulnerability in index.php in SAC.php (SACphp), as used in Yerba 6.3 and earlier, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the mod parameter.