Vulnerability CVE-2008-6592


Published: 2009-04-03   Modified: 2012-02-12

Description:
thumbsup.php in Thumbs-Up 1.12, as used in LightNEasy "no database" (aka flat) and SQLite 1.2.2 and earlier, allows remote attackers to copy, rename, and read arbitrary files via directory traversal sequences in the image parameter with a modified cache_dir parameter containing a %00 (encoded null byte).

See advisories in our WLB2 database:
Topic
Author
Date
Low
LightNEasy v.1.2.2 flat Multiple Vulnerabilities
Gerendi Sandor A...
08.04.2009

Type:

CWE-22

(Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Sqlite -> Sqlite 
Lightneasy -> Lightneasy 

 References:
http://www.securityfocus.com/archive/1/491064/100/0/threaded
http://www.securityfocus.com/bid/28801
https://exchange.xforce.ibmcloud.com/vulnerabilities/49851
https://www.exploit-db.com/exploits/5452

Copyright 2024, cxsecurity.com

 

Back to Top