Computer Security

CVE-2008-0782
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



CVECVE-2008-0782
StatusCandidate
DescriptionDirectory traversal vulnerability in MoinMoin 1.5.8 and earlier allows remote attackers to overwrite arbitrary files via ".." sequences in the MOIN_ID user ID in a cookie for a userform action.  NOTE: this issue can be leveraged for PHP code execution via the quicklinks parameter.
PhaseAssigned (14.02.2008)
SecurityVulns:Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0782
ReferencesBID : 27404
 CONFIRM : http://hg.moinmo.in/moin/1.5/rev/db212dfc58ef
 MILW0RM : 4957
 VIM : 20080124 MoinMoin 1.5.x MOIND_ID cookie Bug Remote Exploit
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru