Vulnerability Description
Absolute path traversal vulnerability in phpcksec.php in Stefan Ott phpcksec 0.2.0 allows remote attackers to list arbitrary directories and read arbitrary files via a full pathname in the file parameter.
CVSS Score
6.4
MEDIUM
AV:N/AC:L/Au:N/C:P/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ott | Phpcksec | 0.2 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.org/0812-exploits/phpcksec-xssdisclose.txtExploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47426
- http://packetstormsecurity.org/0812-exploits/phpcksec-xssdisclose.txtExploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47426
FAQ
What is CVE-2008-6610?
CVE-2008-6610 is a vulnerability with a CVSS score of 6.4 (MEDIUM). Absolute path traversal vulnerability in phpcksec.php in Stefan Ott phpcksec 0.2.0 allows remote attackers to list arbitrary directories and read arbitrary files via a full pathname in the file parame...
How severe is CVE-2008-6610?
CVE-2008-6610 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-6610?
Check the references section above for vendor advisories and patch information. Affected products include: Ott Phpcksec.