← Zuruck zu CVEs
CVE-2008-6592
N/ABeschreibung
thumbsup.php in Thumbs-Up 1.12, as used in LightNEasy "no database" (aka flat) and SQLite 1.2.2 and earlier, allows remote attackers to copy, rename, and read arbitrary files via directory traversal sequences in the image parameter with a modified cache_dir parameter containing a %00 (encoded null byte).
CVE Details
CVSS v3.1 BewertungN/A
Veroffentlicht4/3/2009
Zuletzt geandert4/23/2026
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
lightneasy:lightneasysqlite:sqlite
Schwachen (CWE)
CWE-22
Referenzen
http://secunia.com/advisories/29833(cve@mitre.org)
http://www.osvdb.org/44674(cve@mitre.org)
http://www.securityfocus.com/archive/1/491064/100/0/threaded(cve@mitre.org)
http://www.securityfocus.com/bid/28801(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/49851(cve@mitre.org)
https://www.exploit-db.com/exploits/5452(cve@mitre.org)
http://secunia.com/advisories/29833(af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/44674(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/491064/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/28801(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/49851(af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/5452(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.