CVE-2008-1409 (Exero CMS) |
|
| BugsAlert Home > CVE-2008-1409 (Exero CMS) | |
|
Multiple directory traversal vulnerabilities in the Default theme in Exero CMS 1.0.1 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the theme parameter to (1) index.php, (2) editpassword.php, and (3) avatar.php in usercp/; (4) custompage.php; (5) errors/404.php; (6) memberslist.php and (7) profile.php in members/; (8) index.php and (9) fullview.php in news/; and (10) nopermission.php. Original Source: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1409 Learn more about CVE-2008-1409 (Exero CMS) |
|
| Tags: cve-2008-1409 exero cms | |
Related Items |
|
|
Foresight: imageop
|
|
|
CVE-2008-1735
|
|
|
CVE-2007-6583 (1024 CMS)
|
|
|
Ubuntu update for tetex-bin and texlive-bin
|
|
|
Symantec Backup Exec System Recovery Manager Directory Traversal
|
|
|
Symantec Backup Exec for Windows Servers Denial of Service Issues
|
|
|
HP Select Identity Unspecified Unauthorised Access Vulnerability
|
|
