Vulnerability Description
Multiple directory traversal vulnerabilities in Galatolo WebManager (GWM) 1.0 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in (1) the plugin parameter to admin/plugins.php or (2) the com parameter to index.php.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gwm | Galatolo Webmanager | 1.0 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/29595Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42923
- https://www.exploit-db.com/exploits/5758
- http://www.securityfocus.com/bid/29595Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42923
- https://www.exploit-db.com/exploits/5758
FAQ
What is CVE-2008-2699?
CVE-2008-2699 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple directory traversal vulnerabilities in Galatolo WebManager (GWM) 1.0 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in (1) the plugin pa...
How severe is CVE-2008-2699?
CVE-2008-2699 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-2699?
Check the references section above for vendor advisories and patch information. Affected products include: Gwm Galatolo Webmanager.