CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-6172

Directory traversal vulnerability in captcha/captcha_image.php in the RWCards (com_rwcards) 3.0.11 component for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the img parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.073

EPSS Ranking 91.2%

CVSS Severity

CVSS v2 Score 6.8

References

http://secunia.com/advisories/32367
http://www.securityfocus.com/bid/31892
https://exchange.xforce.ibmcloud.com/vulnerabilities/46081
https://www.exploit-db.com/exploits/6817
http://secunia.com/advisories/32367
http://www.securityfocus.com/bid/31892
https://exchange.xforce.ibmcloud.com/vulnerabilities/46081
https://www.exploit-db.com/exploits/6817

Products affected by CVE-2008-6172

Joomla » Joomla » Version: Any

cpe:2.3:a:joomla:joomla:*
Weberr » Rwcards » Version: 3.0.11

cpe:2.3:a:weberr:rwcards:3.0.11

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-6172

Products

Pricing

Contact Us