CVE-2008-3179

Name of the Vulnerable Software and Affected Versions: Web 2 Business (W2B) phpDatingClub (aka Dating Club) version 3.7

Description: A directory traversal issue exists, allowing remote attackers to include and execute arbitrary local files. This is achieved by using a .. (dot dot) in the page parameter of the website.php file.

Recommendations: For version 3.7, consider restricting access to the website.php file until a patch is available, or apply configuration changes to prevent directory traversal attacks, such as validating and sanitizing the page parameter to prevent the use of .. (dot dot) sequences.