CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-5776

Multiple directory traversal vulnerabilities in Aperto Blog 0.1.1 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) action parameter to admin.php and the (2) get parameter to index.php. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.023

EPSS Ranking 84.5%

CVSS Severity

CVSS v2 Score 7.5

References

http://www.securityfocus.com/bid/32850
https://www.exploit-db.com/exploits/7482
http://www.securityfocus.com/bid/32850
https://www.exploit-db.com/exploits/7482

Products affected by CVE-2008-5776

Apertoblog » Apertoblog » Version: 0.1.1

cpe:2.3:a:apertoblog:apertoblog:0.1.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-5776

Products

Pricing

Contact Us