Vulnerability Description
Directory traversal vulnerability in index.php in Sava's GuestBook 2.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the action parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Savas Place | Savas Guestbook | 2.0 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/29592Vendor Advisory
- http://www.securityfocus.com/bid/28536
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41596
- http://secunia.com/advisories/29592Vendor Advisory
- http://www.securityfocus.com/bid/28536
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41596
FAQ
What is CVE-2008-1642?
CVE-2008-1642 is a vulnerability with a CVSS score of 7.5 (HIGH). Directory traversal vulnerability in index.php in Sava's GuestBook 2.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the action parameter. ...
How severe is CVE-2008-1642?
CVE-2008-1642 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-1642?
Check the references section above for vendor advisories and patch information. Affected products include: Savas Place Savas Guestbook.