Vulnerability Description
Directory traversal vulnerability in pages/upload.php in Galaxyscripts Mini File Host 1.2.1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the language parameter.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Galaxyscripts | Mini File Host | <= 1.2.1 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/28504Vendor Advisory
- http://www.securityfocus.com/bid/27327Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39799
- https://www.exploit-db.com/exploits/4930
- http://secunia.com/advisories/28504Vendor Advisory
- http://www.securityfocus.com/bid/27327Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39799
- https://www.exploit-db.com/exploits/4930
FAQ
What is CVE-2008-0357?
CVE-2008-0357 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Directory traversal vulnerability in pages/upload.php in Galaxyscripts Mini File Host 1.2.1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal seq...
How severe is CVE-2008-0357?
CVE-2008-0357 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-0357?
Check the references section above for vendor advisories and patch information. Affected products include: Galaxyscripts Mini File Host.