Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2008-7064
HistoryAug 25, 2009 - 10:30 a.m.

Directory traversal

2009-08-2510:30:00
PRIOn knowledge base
www.prio-n.com
3

7.8 High

AI Score

Confidence

Low

0.08 Low

EPSS

Percentile

94.3%

JSON

Directory traversal vulnerability in the get_lang function in global.php in Quicksilver Forums 1.4.2 and earlier, as used in QSF Portal before 1.4.5, when running on Windows, allows remote attackers to include and execute arbitrary local files via a "" (backslash) in the lang parameter to index.php, which bypasses a protection mechanism that only checks for “/” (forward slash), as demonstrated by uploading and including PHP code in an avatar file.

CPENameOperatorVersion
quicksilver_forumseq1.4.2

Related

openvas 2
cvelist 1
nvd 1
cve 1
openvas
openvas
Quicksilver Forums Local File Include and Arbitrary File Upload Vulnerabilities
2010-02-23 00:00:00
Quicksilver Forums Local File Include and Arbitrary File Upload Vulnerabilities
2010-02-23 00:00:00
cvelist
cvelist
CVE-2008-7064
2009-08-25 10:00:00
nvd
nvd
CVE-2008-7064
2009-08-25 10:30:00
cve
cve
CVE-2008-7064
2009-08-25 10:30:00

7.8 High

AI Score

Confidence

Low

0.08 Low

EPSS

Percentile

94.3%

JSON
Related for PRION:CVE-2008-7064
openvas2cvelist1nvd1cve1