CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Niclor: >> Include Sito Security Vulnerabilities

CVE-2008-6290

Directory traversal vulnerability in includefile.php in nicLOR Sito, when register_globals is enabled or magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the page_file parameter.

CVSS Score

6.8

EPSS Score

0.015

Published

2009-02-26

Page 1

Vulnerabilities

Vulnerable Software

Niclor: >> Include Sito Security Vulnerabilities

Products

Pricing

Contact Us