CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2008-4499

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.0500%
EPSS Percentile36.46th
Published2008年10月9日
Last Modified2026年4月23日

Vulnerability Description

Multiple directory traversal vulnerabilities in PHP Web Explorer 0.99b and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) refer parameter to main.php and the (2) file parameter to edit.php.

Affected Platforms (CPE)

📦
Php Web Explorer

Php Web Explorer Lite

<= 0.99b
📦
Php Web Explorer

Php Web Explorer Lite

= 0.99a

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=122332154511973&w=2
🔗 http://securityreason.com/securityalert/4371
🔗 http://www.securityfocus.com/bid/31595
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/45691
🔗 http://marc.info/?l=bugtraq&m=122332154511973&w=2
🔗 http://securityreason.com/securityalert/4371
🔗 http://www.securityfocus.com/bid/31595
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/45691

相關漏洞威脅

CVE-2008-442810.0

Unrestricted file upload vulnerability in upload.php in Phlatline's Personal Information Manager (pPIM) 1.0 and earlier allows rem...

CVE-2008-442910.0

Unspecified vulnerability in SOURCENEXT Virus Security ZERO 9.5.0173 and earlier and Virus Security 9.5.0173 and earlier allows re...

CVE-2008-438310.0

Stack-based buffer overflow in the Agranet-Emweb embedded management web server in Alcatel OmniSwitch OS7000, OS6600, OS6800, OS68...

CVE-2008-443910.0

PHP remote file inclusion vulnerability in admin/bin/patch.php in MartinWood Datafeed Studio before 1.6.3 allows remote attackers ...