CVE-2008-5919

NONE
Published Jan 21, 200917y ago · Modified Jun 16, 20262w ago
Find Similar
Published Jan 21, 2009 17y ago
Last Modified Jun 16, 2026 2w ago

Description

Directory traversal vulnerability in rss.php in WebSVN 2.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to overwrite arbitrary files via directory traversal sequences in the rev parameter.

Threat Intelligence

No active exploitation signals — not in CISA KEV and no EPSS score yet.

Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-22 Path Traversal Resource Mgmt

Affected Products 20

VendorProductVersionRange
tigriswebsvn* ≤2.0
tigriswebsvn1.00any
tigriswebsvn1.01any
tigriswebsvn1.02any
tigriswebsvn1.03any
tigriswebsvn1.04any
tigriswebsvn1.10any
tigriswebsvn1.20any
tigriswebsvn1.31aany
tigriswebsvn1.32any
tigriswebsvn1.33any
tigriswebsvn1.34any
tigriswebsvn1.37any
tigriswebsvn1.38any
tigriswebsvn1.39any
tigriswebsvn1.40any
tigriswebsvn1.51any
tigriswebsvn1.60any
tigriswebsvn1.61any
tigriswebsvn1.62any

References 10

Remediation

  • websvn.tigris.org http://websvn.tigris.org/servlets/NewsItemView?newsItemID=2218
    Patch