CVE-2008-1555

Name of the Vulnerable Software and Affected Versions BolinOS version 4.6.1

Description A directory traversal issue exists, allowing remote attackers to include and execute arbitrary local files. This is achieved by using a .. (dot dot) in the bFileToInclude parameter within the system/ b/contentFiles/gbincluder.php file.

Recommendations For BolinOS version 4.6.1, as a temporary workaround, consider restricting access to the gbincluder.php file to minimize the risk of exploitation. Avoid using the bFileToInclude parameter in the affected file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.