返回 CVE 浏览器

CVE-2008-6604

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1240%

EPSS Percentile38.14th

Published2009年4月4日

Last Modified2026年4月23日

Vulnerability Description

Directory traversal vulnerability in index.php in PicoFlat CMS 0.5.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pagina parameter, a different vulnerability than CVE-2007-5390.

Affected Platforms (CPE)

📦

Picoflat

Picoflat Cms

= 0.5.9

References & Advisories

🔗 http://www.securityfocus.com/bid/29424

🔗 https://www.exploit-db.com/exploits/5690

🔗 http://www.securityfocus.com/bid/29424

🔗 https://www.exploit-db.com/exploits/5690

相关漏洞威胁

CVE-2007-53906.8

PHP remote file inclusion vulnerability in index.php in PicoFlat CMS 0.4.14 and earlier allows remote attackers to execute arbitra...

CVE-2007-59206.8

index.php in Domenico Mancini PicoFlat CMS before 0.4.18 allows remote attackers to include certain files via unspecified vectors,...

CVE-2008-535310.0

The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and...

CVE-2008-535510.0

The "Java Update" feature for Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 1...