CVE-2008-3710

CyBoards PHP Lite <1.21 - Path Traversal

Title source: llm
STIX 2.1

Description

Multiple directory traversal vulnerabilities in CyBoards PHP Lite 1.21 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) script_path parameter to (a) options.php and the (2) lang_code parameter to (b) copy_vip.php and (c) process_edit_board.php in adminopts/. NOTE: some of these vectors might not be vulnerabilities under proper installation.

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/44475
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/30688
Third Party Advisory mailing-list x_refsource_vim
http://www.attrition.org/pipermail/vim/2008-August/002052.html

Scores

EPSS 0.0129
EPSS Percentile 66.7%

Details

CWE
CWE-22
Status published
Products (1)
hotscripts/cyboards_php_lite 1.21
Published Aug 19, 2008
Tracked Since Feb 18, 2026