Vulnerability Description
Multiple directory traversal vulnerabilities in PHP-Fusion Forum Rank System 6 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the settings[locale] parameter to (1) forum.php and (2) profile.php in infusions/rank_system/. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Php-Fusion | Forum Rank System | 6 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/30304Vendor Advisory
- http://www.securityfocus.com/bid/29077Exploit
- http://www.securityfocus.com/bid/29077/exploitExploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42244
- http://secunia.com/advisories/30304Vendor Advisory
- http://www.securityfocus.com/bid/29077Exploit
- http://www.securityfocus.com/bid/29077/exploitExploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42244
FAQ
What is CVE-2008-2227?
CVE-2008-2227 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Multiple directory traversal vulnerabilities in PHP-Fusion Forum Rank System 6 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the settings[locale] parameter ...
How severe is CVE-2008-2227?
CVE-2008-2227 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-2227?
Check the references section above for vendor advisories and patch information. Affected products include: Php-Fusion Forum Rank System.