Vulnerability Details CVE-2008-3677
Directory traversal vulnerability in includes/events_application_top.php in Freeway before 1.4.2.197 allows remote attackers to include and execute arbitrary local files via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.8%
CVSS Severity
CVSS v2 Score 6.8
References
- http://secunia.com/advisories/31475
- http://sourceforge.net/project/shownotes.php?release_id=619467
- http://www.securityfocus.com/bid/30676
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44426
- http://secunia.com/advisories/31475
- http://sourceforge.net/project/shownotes.php?release_id=619467
- http://www.securityfocus.com/bid/30676
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44426
Products affected by CVE-2008-3677
-
cpe:2.3:a:openfreeway:freeway:1.0.25
-
cpe:2.3:a:openfreeway:freeway:1.0.59
-
cpe:2.3:a:openfreeway:freeway:1.0.60
-
cpe:2.3:a:openfreeway:freeway:1.1.1.81
-
cpe:2.3:a:openfreeway:freeway:1.2.0.113
-
cpe:2.3:a:openfreeway:freeway:1.3.0.142
-
cpe:2.3:a:openfreeway:freeway:1.3.1.147
-
cpe:2.3:a:openfreeway:freeway:1.3.2.154
-
cpe:2.3:a:openfreeway:freeway:1.3.2.160
-
cpe:2.3:a:openfreeway:freeway:1.4
-
cpe:2.3:a:openfreeway:freeway:1.4.1