CVE-2008-4499

CRITICAL

9.3

CVSS Severity Score

EPSS Score0.0500%

EPSS Percentile36.46th

PublishedOct 9, 2008

Last ModifiedApr 23, 2026

Vulnerability Description

Multiple directory traversal vulnerabilities in PHP Web Explorer 0.99b and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) refer parameter to main.php and the (2) file parameter to edit.php.

Affected Platforms (CPE)

📦

Php Web Explorer

Php Web Explorer Lite

<= 0.99b

📦

Php Web Explorer

Php Web Explorer Lite

= 0.99a

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=122332154511973&w=2

🔗 http://securityreason.com/securityalert/4371

🔗 http://www.securityfocus.com/bid/31595

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/45691

🔗 http://marc.info/?l=bugtraq&m=122332154511973&w=2

🔗 http://securityreason.com/securityalert/4371

🔗 http://www.securityfocus.com/bid/31595

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/45691

Vulnerability Description

Affected Platforms (CPE)

Php Web Explorer Lite

Php Web Explorer Lite

References & Advisories

Related Vulnerabilities