CyberSec.Space Logo
Back to CVE Browser

CVE-2008-6604

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1240%
EPSS Percentile38.14th
PublishedApr 4, 2009
Last ModifiedApr 23, 2026

Vulnerability Description

Directory traversal vulnerability in index.php in PicoFlat CMS 0.5.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pagina parameter, a different vulnerability than CVE-2007-5390.

Affected Platforms (CPE)

πŸ“¦
Picoflat

Picoflat Cms

= 0.5.9

References & Advisories

πŸ”— http://www.securityfocus.com/bid/29424
πŸ”— https://www.exploit-db.com/exploits/5690
πŸ”— http://www.securityfocus.com/bid/29424
πŸ”— https://www.exploit-db.com/exploits/5690

Related Vulnerabilities

CVE-2007-53906.8

PHP remote file inclusion vulnerability in index.php in PicoFlat CMS 0.4.14 and earlier allows remote attackers to execute arbitra...

CVE-2007-59206.8

index.php in Domenico Mancini PicoFlat CMS before 0.4.18 allows remote attackers to include certain files via unspecified vectors,...

CVE-2008-535310.0

The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and...

CVE-2008-535510.0

The "Java Update" feature for Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 1...