Absolute path traversal vulnerability in install/index.php in Drake CMS 0.4.11 RC8 allows remote attackers to read and execute arbitrary files via a full pathname in the d_root parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2008-03-18T17:00:00
Updated: 2024-08-07T08:17:34.679Z
Reserved: 2008-03-18T00:00:00
Link: CVE-2008-1371
Vulnrichment
No data.
NVD
Status : Modified
Published: 2008-03-18T17:44:00.000
Modified: 2017-08-08T01:30:06.667
Link: CVE-2008-1371
Redhat
No data.