CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-5948

Directory traversal vulnerability in index.php in BNCwi 1.04 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the newlanguage parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.013

EPSS Ranking 79.0%

CVSS Severity

CVSS v2 Score 7.5

References

http://secunia.com/advisories/32981
http://www.securityfocus.com/bid/32644
https://www.exploit-db.com/exploits/7345
http://secunia.com/advisories/32981
http://www.securityfocus.com/bid/32644
https://www.exploit-db.com/exploits/7345

Products affected by CVE-2008-5948

Bncwi » Bncwi » Version: Any

cpe:2.3:a:bncwi:bncwi:*
Bncwi » Bncwi » Version: 1.03

cpe:2.3:a:bncwi:bncwi:1.03

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-5948

Products

Pricing

Contact Us