CVSS: 6.8EPSS: 1%CPEs: 1EXPL: 1CVE-2008-1042 – PHP Download Manager 1.1 - Local File Inclusion
https://notcve.org/view.php?id=CVE-2008-1042
Directory traversal vulnerability in include/body.inc.php in Linux Web Shop (LWS) php Download Manager 1.0 and 1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the content parameter. Vulnerabilidad de salto de directorio en include/body.inc.php de Linux Web Shop (LWS) php Download Manager 1.0 y 1.1 permite a atacantes remotos incluir y ejecutar ficheros locales de su elección a través de .. (punto punto) en el parámetro content. • https://www.exploit-db.com/exploits/5183 http://secunia.com/advisories/29089 http://www.securityfocus.com/bid/27961 https://exchange.xforce.ibmcloud.com/vulnerabilities/40795 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •