CVE-2008-5919
NONE
Published Jan 21, 200917y ago · Modified Jun 16, 20262w ago
Published Jan 21, 2009 17y ago
Last Modified Jun 16, 2026 2w ago
Description
Directory traversal vulnerability in rss.php in WebSVN 2.0 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to overwrite arbitrary files via directory traversal sequences in the rev parameter.
Threat Intelligence
No active exploitation signals — not in CISA KEV and no EPSS score yet.
Exploit & Patch Status
Public Exploit Known
Patch Available
Weaknesses 1
CWE-22 Path Traversal Resource Mgmt
Affected Products 20
| Vendor | Product | Version | Range |
|---|---|---|---|
| tigris | websvn | * | ≤2.0 |
| tigris | websvn | 1.00 | any |
| tigris | websvn | 1.01 | any |
| tigris | websvn | 1.02 | any |
| tigris | websvn | 1.03 | any |
| tigris | websvn | 1.04 | any |
| tigris | websvn | 1.10 | any |
| tigris | websvn | 1.20 | any |
| tigris | websvn | 1.31a | any |
| tigris | websvn | 1.32 | any |
| tigris | websvn | 1.33 | any |
| tigris | websvn | 1.34 | any |
| tigris | websvn | 1.37 | any |
| tigris | websvn | 1.38 | any |
| tigris | websvn | 1.39 | any |
| tigris | websvn | 1.40 | any |
| tigris | websvn | 1.51 | any |
| tigris | websvn | 1.60 | any |
| tigris | websvn | 1.61 | any |
| tigris | websvn | 1.62 | any |
References 10
- secunia.com http://secunia.com/advisories/32338
- secunia.com http://secunia.com/advisories/34191
- securityreason.com http://securityreason.com/securityalert/4928
- websvn.tigris.org http://websvn.tigris.org/issues/show_bug.cgi?id=179
- websvn.tigris.org http://websvn.tigris.org/servlets/NewsItemView?newsItemID=2218
- gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200903-20.xml
- gulftech.org http://www.gulftech.org/?node=research&article_id=00132-10202008
- securityfocus.com http://www.securityfocus.com/bid/31891
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/46050
- exploit-db.com https://www.exploit-db.com/exploits/6822
Remediation
- websvn.tigris.org http://websvn.tigris.org/servlets/NewsItemView?newsItemID=2218