HomePentest-Tools.com Logo

Admidio get_file.php Remote File Disclosure Vulnerability CVE-2008-5209

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

Admidio is prone to a directory traversal vulnerability.

Risk description

The flaw is due to file parameter in modules/download/get_file.php which is not properly sanitized before returning to the user. Successful exploitation could allow attacker to view local files in the context of the webserver process.

Recommendation

Upgrade to Version 1.4.9 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Nov 24, 2008
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available