Home Corporate Website Jobs Mailing Lists RSS Blog Advertise
	Software Inspectors   Scan Online   Personal (PSI)   Network (NSI 2.0) Solutions For   Security Professionals   Security Vendors Free Solutions For   Open Communities   Journalists & Media Secunia Advisories   Search   Historic Advisories   Listed By Product   Listed By Vendor   Statistics / Graphs   Secunia Research   Report Vulnerability   About Advisories Virus Information   Chronological List   Last 10 Virus Alerts   About Virus Information Secunia Customers   Customer Area CVE Reference: CVE-2008-1537 NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. Original Page at CVE MITRE: CVE-2008-1537 Description: Directory traversal vulnerability in pb_inc/admincenter/index.php in PowerScripts PowerBook 1.21 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL. CVE Status: Candidate References: XF   http://xforce.iss.net/xforce/xfdb/41393 SREASON   http://securityreason.com/securityalert/3783 SAID   Secunia Advisory: SA29480 MILW0RM   http://www.milw0rm.com/exploits/5302 BUGTRAQ   http://www.securityfocus.com/archive/1/archive/1/490008/100/0/threaded BID   28418 Return to the previous page. Secunia PSI Scan | Patch | Track Free Download Secunia Poll Do you think it's important to read Setup/User Guides for applications for use within your network? Yes, I do it all the time Yes, but I do it rarely No See Results    Most Popular Advisories 1. Microsoft Windows WMF "SETABORTPROC" Arbitrary Code Execution 2. Debian update for gforge 3. Blender Multiple Temporary File Security Issues 4. GForge Insecure Temporary Files 5. Linux Kernel Multiple Vulnerabilities 6. Pet Grooming Management System "useradded.php" Security Bypass 7. 68 Classifieds "cat" SQL Injection Vulnerability 8. W1L3D4 Philboard Multiple SQL Injection Vulnerabilities 9. Rantx "logininfo" Security Bypass Vulnerability 10. Kostenloses Linkmanagements cript Multiple Vulnerabilities
Vulnerability Management - Terms & Conditions - Copyright 2002-2008 Secunia - Compliance - Contact Secunia