CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-6834

Multiple directory traversal vulnerabilities in fuzzylime (cms) 3.01 and 3.01a allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the s parameter to code/commupdate.php in a count action or (2) the heads parameter to code/newsheads.php. NOTE: the blog.php vector is already covered by CVE-2008-3164.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.014

EPSS Ranking 79.7%

CVSS Severity

CVSS v2 Score 10.0

References

https://www.exploit-db.com/exploits/6016
https://www.exploit-db.com/exploits/6016

Products affected by CVE-2008-6834

Fuzzylime » Fuzzylime (Cms) » Version: 3.0.1

cpe:2.3:a:fuzzylime:fuzzylime_(cms):3.0.1
Fuzzylime » Fuzzylime (Cms) » Version: 3.0.1a

cpe:2.3:a:fuzzylime:fuzzylime_(cms):3.0.1a

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-6834

Products

Pricing

Contact Us