CVE-2008-3677

Freeway <1.4.2.197 - Path Traversal

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in includes/events_application_top.php in Freeway before 1.4.2.197 allows remote attackers to include and execute arbitrary local files via unspecified vectors.

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/44426
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31475
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/30676

Scores

EPSS 0.0124
EPSS Percentile 65.5%

Details

CWE
CWE-22
Status published
Products (11)
openfreeway/freeway 1.0.25 public_beta
openfreeway/freeway 1.0.59
openfreeway/freeway 1.0.60
openfreeway/freeway 1.1.1.81
openfreeway/freeway 1.2.0.113
openfreeway/freeway 1.3.0.142
openfreeway/freeway 1.3.1.147
openfreeway/freeway 1.3.2.154
openfreeway/freeway 1.3.2.160 joomla_beta
openfreeway/freeway 1.4 pre-release
... and 1 more
Published Aug 14, 2008
Tracked Since Feb 18, 2026