CVE-2008-3150

Name of the Vulnerable Software and Affected Versions: Neutrino Atomic Edition version 0.8.4

Description: The issue allows remote attackers to read and modify files due to a directory traversal vulnerability in index.php. This can be exploited by manipulating data/sess.php in certain actions, such as 'usb' and 'del pag' actions. It is also possible to leverage this issue for code execution by performing an upload that bypasses access restrictions implemented in sess.php.

Recommendations: For Neutrino Atomic Edition version 0.8.4, consider restricting access to the vulnerable index.php file and the data/sess.php file until a patch is available. As a temporary workaround, avoid using the 'usb' and 'del pag' actions in index.php to minimize the risk of exploitation.