CVE-2008-1642

Sava's GuestBook 2.0 - Path Traversal

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in index.php in Sava's GuestBook 2.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the action parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/28536
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/29592
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/41596

Scores

EPSS 0.0153
EPSS Percentile 71.7%

Details

CWE
CWE-22
Status published
Products (1)
savas_place/savas_guestbook 2.0
Published Apr 02, 2008
Tracked Since Feb 18, 2026