CVE-2008-4519

Name of the Vulnerable Software and Affected Versions: Fastpublish CMS version 1.9999 d

Description: The issue concerns multiple directory traversal vulnerabilities. These vulnerabilities allow remote attackers to include and execute arbitrary local files. The attack can be performed by including a .. (dot dot) in the target parameter to API endpoints such as "index2.php" and "index.php".

Recommendations: For Fastpublish CMS version 1.9999 d, as a temporary workaround, consider restricting access to the index2.php and index.php API endpoints until a patch is available. Avoid using the target parameter in these endpoints to minimize the risk of exploitation.