Vulnerability Description
Multiple directory traversal vulnerabilities in admin/minibb/index.php in phpBLASTER CMS 1.0 RC1, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) DB, (2) lang, and (3) skin parameters.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Phpblaster | Phpblaster Cms | 1.0 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/29983
- https://www.exploit-db.com/exploits/5952
- http://www.securityfocus.com/bid/29983
- https://www.exploit-db.com/exploits/5952
FAQ
What is CVE-2008-5171?
CVE-2008-5171 is a vulnerability with a CVSS score of 9.3 (HIGH). Multiple directory traversal vulnerabilities in admin/minibb/index.php in phpBLASTER CMS 1.0 RC1, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files ...
How severe is CVE-2008-5171?
CVE-2008-5171 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-5171?
Check the references section above for vendor advisories and patch information. Affected products include: Phpblaster Phpblaster Cms.