CVE-2008-0545
Severity CVSS v4.0:
Pending analysis
Type:
CWE-22
Path Traversal
Publication date:
01/02/2008
Last modified:
29/09/2017
Description
Multiple directory traversal vulnerabilities in Bubbling Library 1.32 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) uri parameter to (a) yui-menu.tpl.php, (b) simple.tpl.php, and (c) advanced.tpl.php in dispatcher/framework/; and the (2) page parameter to (d) yui-menu.php, (e) simple.php, and (f) advanced.php in dispatcher/framework/, different vectors than CVE-2008-0521.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:bubbling_library:bubbling_library:1.32:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page