PT-2009-5598 · Php+2 · Php Rss Builder+5
Takayoshi Isayama
·
Published
2009-09-22
·
Updated
2009-09-24
·
CVE-2009-3284
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
phpspot PHP BBS versions prior to 20090914
PHP Image Capture BBS versions prior to 20090914
PHP & CSS BBS versions prior to 20090914
PHP BBS CE versions prior to 20090914
PHP RSS Builder versions prior to 20090914
webshot versions prior to 20090914
Description
A directory traversal issue allows remote attackers to read arbitrary files via unspecified vectors.
Recommendations
For phpspot PHP BBS versions prior to 20090914, update to a version released after 20090914.
For PHP Image Capture BBS versions prior to 20090914, update to a version released after 20090914.
For PHP & CSS BBS versions prior to 20090914, update to a version released after 20090914.
For PHP BBS CE versions prior to 20090914, update to a version released after 20090914.
For PHP RSS Builder versions prior to 20090914, update to a version released after 20090914.
For webshot versions prior to 20090914, update to a version released after 20090914.
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Php & Css Bbs
Php Bbs Ce
Php Image Capture Bbs
Php Rss Builder
Phpspot Php Bbs
Webshot