6.8
CVSSv2

CVE-2008-5962

Published: 23/01/2009 Updated: 29/09/2017
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 685
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Directory traversal vulnerability in library/setup/rpc.php in Gravity Getting Things Done (GTD) 0.4.5 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the objectname parameter.

Vulnerable Product Search on Vulmon Subscribe to Product

gravity-gtd gravity-gtd 0.2

gravity-gtd gravity-gtd 0.3

gravity-gtd gravity-gtd 0.4

gravity-gtd gravity-gtd

Exploits

:::::::- :::::: ::: ;;, `';, ;; ;;;`;;;;, `;;; `[[ [[[[' [[[ [[[[[ '[[ $$, $$$$ $$$ $$$ "Y$c$$ 888_,o8P'88 d888 888 Y88 MMMMP"` "YmmMMMM"" MMM YM [ Discovered by dun \ dun[at]strcpypl ] ##################################################### # [ gravity-gtd <= 04 ...