Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2008-3128

Published: 10/07/2008 Updated: 29/09/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Pivot

Vulnerability Summary

Directory traversal vulnerability in search.php in Pivot 1.40.5 allows remote malicious users to read arbitrary files via a .. (dot dot) in the t parameter.

Vulnerable Product Search on Vulmon Subscribe to Product

pivot pivot 1.40.5

Exploits

Exploit DB: Pivot 1.40.5 - Dreamwind 'load_template()' Credentials Disclosure
<?php /* Pivot 1405 'Dreamwind' load_template() credentials disclosure exploit by Nine:Situations:Group::bookoo our site: retrogodaltervistaorg/ software site: wwwpivotlognet/ Google dork: "by Pivot - 1405" +'Dreadwind' -pivotlognet vulnerability: ...

References

CWE-22http://forum.pivotlog.net/viewtopic.php?t=12471http://pivot-weblog.svn.sourceforge.net/viewvc/pivot-weblog/branches/1.40.x/pivot/modules/module_parser.php?r1=1333&r2=1332&pathrev=1333http://www.securityfocus.com/bid/30012http://secunia.com/advisories/30889http://www.securitytracker.com/id?1020412http://www.vupen.com/english/advisories/2008/1991/referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/43470https://www.exploit-db.com/exploits/5973https://nvd.nist.govhttps://www.exploit-db.com/exploits/5973/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-29895injectCVE-2023-52689CVE-2024-5049CVE-2024-5051privilege escalationphysicalCVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook