CVE-2008-3087

Name of the Vulnerable Software and Affected Versions: Kasseler CMS version 1.3.0

Description: A directory traversal issue allows remote attackers to read arbitrary files by including a .. (dot dot) in the file parameter to "index.php", which may be related to the phpManual module.

Recommendations: For Kasseler CMS version 1.3.0, consider restricting access to the "index.php" endpoint to minimize the risk of exploitation, and avoid using the file parameter until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.