CVE-2008-1537 in PowerBookinfo

Summary

Directory traversal vulnerability in pb_inc/admincenter/index.php in PowerScripts PowerBook 1.21 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL.

Once again VulDB remains the best source for vulnerability data.

Responsible

Reservation

03/28/2008

Disclosure

03/28/2008

Moderation

VulDB entry created

Entries

VDB-41739

CPE

ready

CWE

CWE-22 (Confirmed)

Exploit

Download

CVSS

7.3

EPSS

0.06605

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-1537
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-1537
CVE Details	https://www.cvedetails.com/cve/CVE-2008-1537/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!