Bugsalert.com
Security News about Viruses, Spyware,
Trojans, Malware, XSS attacks.
Home | Recent | Sitemap

CVE-2008-5272 (syndeocms)
BugsAlert Home > CVE-2008-5272 (syndeocms)
 
 

Multiple directory traversal vulnerabilities in Fred Stuurman SyndeoCMS 2.6.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the template parameter to (1) starnet/editors/fckeditor/studenteditor.php; (2) starnet/modules/sn_news/edit_content.php, reached through starnet/index.php; and (3) starnet/modules/sn_newsletter/edit_content.php, reached through starnet/index.php.




Original Source: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5272

Learn more about CVE-2008-5272 (syndeocms)
 
Tags: cve-2008-5272 syndeocms

Related Items
      VUPEN - New 5 Star Rating "myusername" Parameter Remote SQL Injection Vulnerability

      CVE-2009-1598 (chrome)

      Insanely Simple Blog 0.5 (index) Remote SQL Injection Vulnerabilities

      Jonathan DiCarlo: Fennec Tab-Sync UI Update

      FrSIRT - Fedora Security Update Fixes Kernel Security Bypass and DoS Issues

      CVE-2009-0333 (com_waticketsystem)

      Empty session id causes a warning

 
© 2007-2010 BugsAlert.com Original template by Arcsin Hosted By 1and1


Pixel