CVE-2008-0513
NONE
Published Jan 31, 200818y ago · Modified Jun 16, 20262w ago
Published Jan 31, 2008 18y ago
Last Modified Jun 16, 2026 2w ago
Description
Directory traversal vulnerability in parser/include/class.cache_phpcms.php in phpCMS 1.2.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to parser/parser.php, as demonstrated by a filename ending with %00.gif, a different vector than CVE-2005-1840.
Threat Intelligence
No active exploitation signals — not in CISA KEV and no EPSS score yet.
Exploit & Patch Status
Public Exploit Known
No Patch Available
Weaknesses 1
CWE-22 Path Traversal Resource Mgmt
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| phpcms | phpcms | 1.2.2 | any |
References 7
- secunia.com http://secunia.com/advisories/28709
- securityfocus.com http://www.securityfocus.com/archive/1/487251/100/0/threaded
- securityfocus.com http://www.securityfocus.com/archive/1/487254/100/0/threaded
- securityfocus.com http://www.securityfocus.com/bid/27495
- vupen.com http://www.vupen.com/english/advisories/2008/0353
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/40017
- exploit-db.com https://www.exploit-db.com/exploits/5006
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.