CVE-2008-1352

EdiorCMS 3.0 - Path Traversal via _SearchTemplate Parameter

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in search.php in EdiorCMS (ecms) 3.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the _SearchTemplate parameter during a Title search.

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/41189
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/3746
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/489498/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/28242

Scores

EPSS 0.0150
EPSS Percentile 71.3%

Details

CWE
CWE-22
Status published
Products (1)
hangzhou_network_technology_development/ediorcms 3.0
Published Mar 17, 2008
Tracked Since Feb 18, 2026