CVE-2008-5856

Directory traversal vulnerability in scripts/export.php in ClaSS before 0.8.61 allows remote attackers to read arbitrary files via directory traversal sequences in the ftype parameter.

Link	Resource
http://www.securityfocus.com/bid/32929
http://osvdb.org/50807
http://secunia.com/advisories/33222	Vendor Advisory
http://sourceforge.net/project/shownotes.php?release_id=648307
https://exchange.xforce.ibmcloud.com/vulnerabilities/47493
https://www.exploit-db.com/exploits/7579

Configuration 1

cpe:2.3:a:class:class:0.8.59:*:*:*:*:*:*:* cpe:2.3:a:class:class:0.4.2:*:*:*:*:*:*:* cpe:2.3:a:class:class:0.8.10:*:*:*:*:*:*:* cpe:2.3:a:class:class:0.6.1:*:*:*:*:*:*:* cpe:2.3:a:class:class:0.8.47:*:*:*:*:*:*:* cpe:2.3:a:class:class:0.8.26:*:*:*:*:*:*:* cpe:2.3:a:class:class:0.8.0:*:*:*:*:*:*:* cpe:2.3:a:class:class:*:*:*:*:*:*:*:* cpe:2.3:a:class:class:0.5.1:*:*:*:*:*:*:* cpe:2.3:a:class:class:0.6.0:*:*:*:*:*:*:* cpe:2.3:a:class:class:0.4.1:*:*:*:*:*:*:* cpe:2.3:a:class:class:0.8:rc2:*:*:*:*:*:* cpe:2.3:a:class:class:0.5.0:*:*:*:*:*:*:* cpe:2.3:a:class:class:0.8.8:*:*:*:*:*:*:* cpe:2.3:a:class:class:0.8.20:*:*:*:*:*:*:* cpe:2.3:a:class:class:0.8.14:*:*:*:*:*:*:* cpe:2.3:a:class:class:0.4.0:*:*:*:*:*:*:* cpe:2.3:a:class:class:0.5.2:*:*:*:*:*:*:* cpe:2.3:a:class:class:0.8.51:*:*:*:*:*:*:* cpe:2.3:a:class:class:0.8.0:rc1:*:*:*:*:*:* cpe:2.3:a:class:class:0.4:beta:*:*:*:*:*:* cpe:2.3:a:class:class:0.8.32:*:*:*:*:*:*:* cpe:2.3:a:class:class:0.8.40:*:*:*:*:*:*:* cpe:2.3:a:class:class:0.8.29:*:*:*:*:*:*:* cpe:2.3:a:class:class:0.8.56:*:*:*:*:*:*:* cpe:2.3:a:class:class:0.8.5:*:*:*:*:*:*:*

---

Published : 2009-01-06 05:30

Updated : 2017-09-29 01:32

---

NVD link : CVE-2008-5856

Mitre link : CVE-2008-5856

No products.

CWE-22