CVE-2008-5943

Name of the Vulnerable Software and Affected Versions NavBoard 16 version 2.6.0

Description The issue concerns directory traversal vulnerabilities. Remote attackers can include and execute arbitrary local files by using a .. (dot dot) in the module parameter to API endpoints such as "admin modules.php" and "modules.php".

Recommendations For NavBoard 16 version 2.6.0, consider restricting access to the "admin modules.php" and "modules.php" endpoints until a patch is available. As a temporary workaround, avoid using the module parameter in these endpoints to minimize the risk of exploitation.