CVE-2008-0521

Name of the Vulnerable Software and Affected Versions Bubbling Library version 1.32

Description The issue allows remote attackers to read arbitrary files due to multiple directory traversal vulnerabilities. This is achieved by including a .. (dot dot) in the uri parameter to dispatcher.php in various directories, including examples/dispatcher/framework/, examples/dispatcher/, examples/wizard/, and PHP/.

Recommendations For Bubbling Library version 1.32, consider restricting access to the dispatcher.php file in the mentioned directories until a patch is available. As a temporary workaround, avoid using the uri parameter in the affected API endpoint to minimize the risk of exploitation.