CVE-2008-5856

Directory traversal vulnerability in scripts/export.php in ClaSS before 0.8.61 allows remote attackers to read arbitrary files via directory traversal sequences in the ftype parameter.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:class:class:*:*:*:*:*:*:*:*
cpe:2.3:a:class:class:0.4:beta:*:*:*:*:*:*
cpe:2.3:a:class:class:0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:class:class:0.4.1:*:*:*:*:*:*:*
cpe:2.3:a:class:class:0.4.2:*:*:*:*:*:*:*
cpe:2.3:a:class:class:0.5.0:*:*:*:*:*:*:*
cpe:2.3:a:class:class:0.5.1:*:*:*:*:*:*:*
cpe:2.3:a:class:class:0.5.2:*:*:*:*:*:*:*
cpe:2.3:a:class:class:0.6.0:*:*:*:*:*:*:*
cpe:2.3:a:class:class:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:class:class:0.8:rc2:*:*:*:*:*:*
cpe:2.3:a:class:class:0.8.0:*:*:*:*:*:*:*
cpe:2.3:a:class:class:0.8.0:rc1:*:*:*:*:*:*
cpe:2.3:a:class:class:0.8.5:*:*:*:*:*:*:*
cpe:2.3:a:class:class:0.8.8:*:*:*:*:*:*:*
cpe:2.3:a:class:class:0.8.10:*:*:*:*:*:*:*
cpe:2.3:a:class:class:0.8.14:*:*:*:*:*:*:*
cpe:2.3:a:class:class:0.8.20:*:*:*:*:*:*:*
cpe:2.3:a:class:class:0.8.26:*:*:*:*:*:*:*
cpe:2.3:a:class:class:0.8.29:*:*:*:*:*:*:*
cpe:2.3:a:class:class:0.8.32:*:*:*:*:*:*:*
cpe:2.3:a:class:class:0.8.40:*:*:*:*:*:*:*
cpe:2.3:a:class:class:0.8.47:*:*:*:*:*:*:*
cpe:2.3:a:class:class:0.8.51:*:*:*:*:*:*:*
cpe:2.3:a:class:class:0.8.56:*:*:*:*:*:*:*
cpe:2.3:a:class:class:0.8.59:*:*:*:*:*:*:*

History

21 Nov 2024, 00:55

Type Values Removed Values Added
References () http://osvdb.org/50807 - () http://osvdb.org/50807 -
References () http://secunia.com/advisories/33222 - Vendor Advisory () http://secunia.com/advisories/33222 - Vendor Advisory
References () http://sourceforge.net/project/shownotes.php?release_id=648307 - () http://sourceforge.net/project/shownotes.php?release_id=648307 -
References () http://www.securityfocus.com/bid/32929 - () http://www.securityfocus.com/bid/32929 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/47493 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/47493 -
References () https://www.exploit-db.com/exploits/7579 - () https://www.exploit-db.com/exploits/7579 -

Information

Published : 2009-01-06 17:30

Updated : 2024-11-21 00:55


NVD link : CVE-2008-5856

Mitre link : CVE-2008-5856

CVE.ORG link : CVE-2008-5856


JSON object : View

Products Affected

class

  • class
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')