1 results (0.001 seconds)
CVSS: 6.4EPSS: 1%CPEs: 1EXPL: 2
CVSS: 6.4EPSS: 1%CPEs: 1EXPL: 2CVE-2008-0184 – SysHotel On Line System - 'index.php' Local File Inclusion
https://notcve.org/view.php?id=CVE-2008-0184
Absolute path traversal vulnerability in index.php in Sys-Hotel on Line System allows remote attackers to read arbitrary files via an encoded "/" ("%2F") in the file parameter. Vulnerabilidad de salto de directorio en index.php de Sys-Hotel on Line System, permite que atacantes remotos lean ficheros arbitrariamente usando un "/" ("%2F") codificado en el parámetro file. • https://www.exploit-db.com/exploits/31000 http://securityreason.com/securityalert/3528 http://www.securityfocus.com/archive/1/485940/100/0/threaded http://www.securityfocus.com/bid/27184 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •