RSS   Vulnerabilities for 'Atomic edition'   RSS

2008-07-11
 
CVE-2008-3150

CWE-22
 

 
Directory traversal vulnerability in index.php in Neutrino Atomic Edition 0.8.4 allows remote attackers to read and modify files, as demonstrated by manipulating data/sess.php in (1) usb and (2) del_pag actions. NOTE: this can be leveraged for code execution by performing an upload that bypasses the intended access restrictions that were implemented in sess.php.

 


Copyright 2017, cxsecurity.com

 

Back to Top