Description
Directory traversal vulnerability in includes/events_application_top.php in Freeway before 1.4.2.197 allows remote attackers to include and execute arbitrary local files via unspecified vectors.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/44426
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/31475
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/30676
Product x_refsource_confirm
http://sourceforge.net/project/shownotes.php?release_id=619467
Scores
EPSS
0.0124
EPSS Percentile
65.5%
Details
CWE
CWE-22
Status
published
Products (11)
openfreeway/freeway
1.0.25 public_beta
openfreeway/freeway
1.0.59
openfreeway/freeway
1.0.60
openfreeway/freeway
1.1.1.81
openfreeway/freeway
1.2.0.113
openfreeway/freeway
1.3.0.142
openfreeway/freeway
1.3.1.147
openfreeway/freeway
1.3.2.154
openfreeway/freeway
1.3.2.160 joomla_beta
openfreeway/freeway
1.4 pre-release
... and 1 more
Published
Aug 14, 2008
Tracked Since
Feb 18, 2026