Multiple directory traversal vulnerabilities in index.php in Kure 0.6.3, when magic_quotes_gpc is disabled, allow remote attackers to read and possibly execute arbitrary local files via a .. (dot dot) in the (1) post and (2) doc parameters.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2008-10-21T00:00:00
Updated: 2024-08-07T10:24:20.638Z
Reserved: 2008-10-20T00:00:00
Link: CVE-2008-4632
Vulnrichment
No data.
NVD
Status : Modified
Published: 2008-10-21T01:18:02.617
Modified: 2017-09-29T01:32:16.133
Link: CVE-2008-4632
Redhat
No data.