NVD

Id
1845  
Name
CVE-2008-1908  
Description
Multiple directory traversal vulnerabilities in cpCommerce 1.1.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the language parameter in a language action to the default URI, which is not properly handled in actions/language.act.php, or (2) the action parameter to category.php.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-03  
Published
2008-04-22  
Modified Date
2012-10-29  
Seq
2008-1908  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
11935 1845 CVE-2008-1908 http://bugreport.ir/index.php?/34  View
11936 1845 CVE-2008-1908 5437  View
11937 1845 CVE-2008-1908 28755  View
11938 1845 CVE-2008-1908 ADV-2008-1213  View
11939 1845 CVE-2008-1908 cpcommerce-multiple-file-include(41783)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
47667 JVNDB-2008-002977 cpCommerce におけるディレクトリトラバーサルの脆弱性 cpCommerce には、ディレクトリトラバーサルの脆弱性が存在します。 CVE-2008-1908 32021 CVE-2008-1908 1845 7.5 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002977.html 2008-04-22 2012-06-26 View