返回 CVE 瀏覽器

CVE-2008-6604

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1240%

EPSS Percentile38.14th

Published2009年4月4日

Last Modified2026年4月23日

Vulnerability Description

Directory traversal vulnerability in index.php in PicoFlat CMS 0.5.9 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pagina parameter, a different vulnerability than CVE-2007-5390.

Affected Platforms (CPE)

📦

Picoflat

Picoflat Cms

= 0.5.9

References & Advisories

🔗 http://www.securityfocus.com/bid/29424

🔗 https://www.exploit-db.com/exploits/5690

🔗 http://www.securityfocus.com/bid/29424

🔗 https://www.exploit-db.com/exploits/5690

相關漏洞威脅

CVE-2007-53906.8

PHP remote file inclusion vulnerability in index.php in PicoFlat CMS 0.4.14 and earlier allows remote attackers to execute arbitra...

CVE-2007-59206.8

index.php in Domenico Mancini PicoFlat CMS before 0.4.18 allows remote attackers to include certain files via unspecified vectors,...

CVE-2008-461510.0

Unspecified vulnerability in i_utils.asp in PortalApp before 4.01a has unknown impact and attack vectors.

CVE-2008-034310.0

Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 has u...