Vulnerability Description
Multiple directory traversal vulnerabilities in geekigeeki.py in GeekiGeeki before 3.0 allow remote attackers to read arbitrary files via directory traversal sequences in a pagename argument in the (1) handle_edit and (2) handle_raw functions.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Codewiz | Geekigeeki | 2.0 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/33162Vendor Advisory
- http://www.codewiz.org/wikigit/geekigeeki.git/blobdiff/92e45c3ce9260c69b4201d877Exploit
- http://www.codewiz.org/wikigit/geekigeeki.git?a=commit%3Bh=5f99f96a7a102bb8f2c49
- http://www.osvdb.org/50719Patch
- http://www.securityfocus.com/bid/32831Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47375
- http://secunia.com/advisories/33162Vendor Advisory
- http://www.codewiz.org/wikigit/geekigeeki.git/blobdiff/92e45c3ce9260c69b4201d877Exploit
- http://www.codewiz.org/wikigit/geekigeeki.git?a=commit%3Bh=5f99f96a7a102bb8f2c49
- http://www.osvdb.org/50719Patch
- http://www.securityfocus.com/bid/32831Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47375
FAQ
What is CVE-2008-6786?
CVE-2008-6786 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Multiple directory traversal vulnerabilities in geekigeeki.py in GeekiGeeki before 3.0 allow remote attackers to read arbitrary files via directory traversal sequences in a pagename argument in the (1...
How severe is CVE-2008-6786?
CVE-2008-6786 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-6786?
Check the references section above for vendor advisories and patch information. Affected products include: Codewiz Geekigeeki.