CyberSec.Space Logo
Back to CVE Browser

CVE-2008-4425

HIGH
8.8
CVSS Severity Score
EPSS Score0.1140%
EPSS Percentile35.65th
PublishedOct 3, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

Directory traversal vulnerability in upload.php in Phlatline's Personal Information Manager (pPIM) 1.0 allows remote attackers to delete arbitrary files via directory traversal sequences in the file parameter within a delfile action.

Affected Platforms (CPE)

πŸ“¦
Phlatline

Personal Information Manager

= 1.0

References & Advisories

πŸ”— http://secunia.com/advisories/31424
πŸ”— http://securityreason.com/securityalert/4348
πŸ”— http://www.securityfocus.com/bid/30627
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/44386
πŸ”— https://www.exploit-db.com/exploits/6215
πŸ”— http://secunia.com/advisories/31424
πŸ”— http://securityreason.com/securityalert/4348
πŸ”— http://www.securityfocus.com/bid/30627

Related Vulnerabilities

CVE-2008-442810.0

Unrestricted file upload vulnerability in upload.php in Phlatline's Personal Information Manager (pPIM) 1.0 and earlier allows rem...

CVE-2019-111969.8

An authentication bypass vulnerability in all versions of ValuePLUS Integrated University Management System (IUMS) allows unauthen...

CVE-2016-06358.8

Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2,...

CVE-2025-119598.1

Files or Directories Accessible to External Parties, Exposure of Private Personal Information to an Unauthorized Actor vulnerabili...