Back to search
CVE-2008-0782
Published: Feb 14, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Directory traversal vulnerability in MoinMoin 1.5.8 and earlier allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the MOIN_ID user ID in a cookie for a userform action. NOTE: this issue can be leveraged for PHP code execution via the quicklinks parameter.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
33755
third-party-advisory
x_refsource_SECUNIA
GLSA-200803-27
vendor-advisory
x_refsource_GENTOO
29262
third-party-advisory
x_refsource_SECUNIA
http://hg.moinmo.in/moin/1.5/rev/e69a16b6e630
x_refsource_CONFIRM
29010
third-party-advisory
x_refsource_SECUNIA
20080124 MoinMoin 1.5.x MOIND_ID cookie Bug Remote Exploit
mailing-list
x_refsource_VIM
moinmoin-readme-file-overwrite(39837)
vdb-entry
x_refsource_XF
4957
exploit
x_refsource_EXPLOIT-DB
ADV-2008-0569
vdb-entry
x_refsource_VUPEN
29444
third-party-advisory
x_refsource_SECUNIA
27404
vdb-entry
x_refsource_BID
USN-716-1
vendor-advisory
x_refsource_UBUNTU
DSA-1514
vendor-advisory
x_refsource_DEBIAN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now