daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Enhancement: cves/2008/CVE-2008-6668.yaml by mp

patch-1
MostInterestingBotInTheWorld 2022-07-05 14:15:59 -04:00
parent b2d8370bc8
commit f64bf42d82
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
cves/2008/CVE-2008-6668.yaml
View File

@ -1,15 +1,15 @@
id: CVE-2008-6668
info:
name: nweb2fax <= 0.2.7 Directory Traversal
name: nweb2fax <=0.2.7- Local File Inclusion
author: geeknik
severity: high
description: Multiple directory traversal vulnerabilities in nweb2fax 0.2.7 and earlier allow remote attackers to read arbitrary files via .. in the id parameter to comm.php and var_filename parameter to viewrq.php.
description: nweb2fax 0.2.7 and earlier allow remote attackers to read arbitrary files via the id parameter submitted to comm.php and the var_filename parameter submitted to viewrq.php (aka local file inclusion).
reference:
- https://www.exploit-db.com/exploits/5856
- https://nvd.nist.gov/vuln/detail/CVE-2008-6668
- http://web.archive.org/web/20210130035550/https://www.securityfocus.com/bid/29804
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43173
- https://nvd.nist.gov/vuln/detail/CVE-2008-6668
classification:
cve-id: CVE-2008-6668
tags: nweb2fax,lfi,cve,cve2008,traversal
@ -29,3 +29,5 @@ requests:
part: body
regex:
- "root:.*:0:0:"
# Enhanced by mp on 2022/07/05