Security Advisory

CVE-2008-7178

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2009-09-08 10:00:00

Last updated 2024-08-07 11:56:14

Assigner mitre

State PUBLISHED

Description

Directory traversal vulnerability in Uploader module 1.1 for XOOPS allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter in a downloadfile action to index.php.

← Browse all CVEs View on cve.org ↗