Multiple directory traversal vulnerabilities in Project-Based Calendaring System (PBCS) 0.7.1-1 allow remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter to (1) src/yopy_sync.php and (2) system-logger/print_logs.php.
References
Configurations
History
No history.
Information
Published : 2008-05-14 18:20
Updated : 2024-02-28 11:21
NVD link : CVE-2008-2215
Mitre link : CVE-2008-2215
CVE.ORG link : CVE-2008-2215
JSON object : View
Products Affected
pbcs
- project-based_calendaring__system
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')