CVE

Id
36370  
CVE No.
CVE-2008-6253  
Status
Candidate  
Description
Directory traversal vulnerability in data/inc/lib/pcltar.lib.php in Pluck 4.5.3, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the g_pcltar_lib_dir parameter.  
Phase
Assigned (20090224)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
397823 36370 CVE-2008-6253 BUGTRAQ:20081118 [DSECRG-08-039] Local File Include Vulnerability in Pluck CMS 4.5.3  View
397824 36370 CVE-2008-6253 URL:http://www.securityfocus.com/archive/1/498438  View
397825 36370 CVE-2008-6253 MILW0RM:7153  View
397826 36370 CVE-2008-6253 URL:http://www.milw0rm.com/exploits/7153  View
397827 36370 CVE-2008-6253 CONFIRM:http://www.pluck-cms.org/index.php?file=kop11.php  View
397828 36370 CVE-2008-6253 BID:32342  View
397829 36370 CVE-2008-6253 URL:http://www.securityfocus.com/bid/32342  View
397830 36370 CVE-2008-6253 SECUNIA:32736  View
397831 36370 CVE-2008-6253 URL:http://secunia.com/advisories/32736  View
397832 36370 CVE-2008-6253 XF:pluck-pcltarlib-file-include(46676)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
43152 JVNDB-2009-004159 Openasp の default.asp における SQL インジェクションの脆弱性 Openasp の default.asp には、SQL インジェクションの脆弱性が存在します。 CVE-2008-6257 36370 7.5 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-004159.html  View