Directory traversal vulnerability in index.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pagename parameter in a page view action.
-
Badware
- CVE-2008-2092 (SPA-2102 Phone Adapter)
- CVE-2008-2092 (SPA-2102 Phone Adapter)
- CVE-2008-2080 (Common Data Format)
- CVE-2008-2090 (Solaris)
- CVE-2008-2093 (community_builder, com_comprofiler)
- CVE-2008-2093 (community_builder, com_comprofiler)
- CVE-2008-2080 (Common Data Format)
- CVE-2008-2089 (Solaris)
- CVE-2008-2080 (Common Data Format)
- CVE-2008-2080 (Common Data Format)
- CVE-2008-2093 (community_builder, com_comprofiler)
- CVE-2008-2080 (Common Data Format)
- CVE-2008-2092 (SPA-2102 Phone Adapter)
- CVE-2008-2080 (Common Data Format)
- CVE-2008-2091 (kubelance)
- CVE-2008-2089 (Solaris)
- CVE-2008-2092 (SPA-2102 Phone Adapter)
- CVE-2008-2093 (community_builder, com_comprofiler)
- CVE-2008-2092 (SPA-2102 Phone Adapter)
- CVE-2008-2092 (SPA-2102 Phone Adapter)
- CVE-2008-2092 (SPA-2102 Phone Adapter)
- CVE-2008-2089 (Solaris)
- CVE-2008-2080 (Common Data Format)
- CVE-2008-2092 (SPA-2102 Phone Adapter)
- CVE-2008-2092 (SPA-2102 Phone Adapter)
Categories