exploitDog

CVE-2008-4437

Опубликовано: 06 окт. 2008

Источник: redhat

EPSS Средний

Описание

Directory traversal vulnerability in importxml.pl in Bugzilla before 2.22.5, and 3.x before 3.0.5, when --attach_path is enabled, allows remote attackers to read arbitrary files via an XML file with a .. (dot dot) in the data element.

Ссылки на источники

Дополнительная информация

Статус:

Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=465956bugzilla directory traversal flaw

EPSS

Процентиль: 93%

0.10547

Средний

Связанные уязвимости

CVE-2008-4437

ubuntu

почти 17 лет назад

Directory traversal vulnerability in importxml.pl in Bugzilla before 2.22.5, and 3.x before 3.0.5, when --attach_path is enabled, allows remote attackers to read arbitrary files via an XML file with a .. (dot dot) in the data element.

CVE-2008-4437

nvd

почти 17 лет назад

Directory traversal vulnerability in importxml.pl in Bugzilla before 2.22.5, and 3.x before 3.0.5, when --attach_path is enabled, allows remote attackers to read arbitrary files via an XML file with a .. (dot dot) in the data element.

CVE-2008-4437

debian

почти 17 лет назад

Directory traversal vulnerability in importxml.pl in Bugzilla before 2 ...

GHSA-ph4j-q265-3h3m

github

больше 3 лет назад

Directory traversal vulnerability in importxml.pl in Bugzilla before 2.22.5, and 3.x before 3.0.5, when --attach_path is enabled, allows remote attackers to read arbitrary files via an XML file with a .. (dot dot) in the data element.

EPSS

Процентиль: 93%

0.10547

Средний