CVE-2008-1415

Multiple Time Sheets <5.0 - Path Traversal

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-1415. PoCs published by JosS.

AI-analyzed exploit summary This is a writeup detailing multiple vulnerabilities in Mutiple Timesheets <= 5.0, including directory traversal, XSS, and cookie manipulation. It provides examples of exploit URLs but does not include executable exploit code.

Description

Directory traversal vulnerability in index.php in Multiple Time Sheets (MTS) 5.0 and earlier allows remote attackers to read arbitrary files via "../..//" (modified dot dot) sequences in the tab parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by JosS · textwebappsphp
https://www.exploit-db.com/exploits/5262

This is a writeup detailing multiple vulnerabilities in Mutiple Timesheets <= 5.0, including directory traversal, XSS, and cookie manipulation. It provides examples of exploit URLs but does not include executable exploit code.

Classification
Writeup 100%
Attack Type
Info Leak | Xss | Other
Complexity
Trivial
Reliability
Theoretical
Target: Mutiple Timesheets <= 5.0
No auth needed
Prerequisites: Access to the target application
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/5262
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0911/references
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/3756
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/489689/100/0/threaded
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/28263

Scores

EPSS 0.0276
EPSS Percentile 84.3%

Details

CWE
CWE-22
Status published
Products (1)
riceball/multiple_time_sheets 5.0
Published Mar 20, 2008
Tracked Since Feb 18, 2026