QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2008-5201

Back to search

CVE-2008-5201

Published: Nov 21, 2008

Modified: Aug 7, 2024

PUBLISHED

Description

Directory traversal vulnerability in index.php in OTManager CMS 24a allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the conteudo parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL.

VendorProductVersions

n/a

n/a

affected
n/a

References

4644
third-party-advisory
x_refsource_SREASON
29992
vdb-entry
x_refsource_BID
5957
exploit
x_refsource_EXPLOIT-DB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now