thumbsup.php in Thumbs-Up 1.12, as used in LightNEasy "no database" (aka flat) and SQLite 1.2.2 and earlier, allows remote attackers to copy, rename, and read arbitrary files via directory traversal sequences in the image parameter with a modified cache_dir parameter containing a %00 (encoded null byte).
History
21 Nov 2024, 00:56
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/29833 - Vendor Advisory | |
References | () http://www.osvdb.org/44674 - Exploit | |
References | () http://www.securityfocus.com/archive/1/491064/100/0/threaded - | |
References | () http://www.securityfocus.com/bid/28801 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/49851 - | |
References | () https://www.exploit-db.com/exploits/5452 - | |
Information
Published : 2009-04-03 18:30
Updated : 2024-11-21 00:56
NVD link : CVE-2008-6592
Mitre link : CVE-2008-6592
CVE.ORG link : CVE-2008-6592
Products Affected
lightneasy
- lightneasy
sqlite
- sqlite
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')