CVE Daily

CVE-2008-5748

Directory traversal vulnerability in plugins/spaw2/dialogs/dialog.php in Bloofox...

High CVSS 8.1

Overview

Directory traversal vulnerability in plugins/spaw2/dialogs/dialog.php in BloofoxCMS 0.3.4 allows remote attackers to read arbitrary files via the (1) lang, (2) theme, and (3) module parameters.

CWE: CWE-22 Published: 2008-12-29T15:24:23.670
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 8.1 (HIGH)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags