Unrated severityNVD Advisory· Published Feb 6, 2008· Updated Apr 23, 2026
CVE-2008-0612
CVE-2008-0612
Description
Directory traversal vulnerability in htdocs/install/index.php in XOOPS 2.0.18 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- xoops.svn.sourceforge.net/viewvc/xoopsnvdPatch
- xoops.svn.sourceforge.net/viewvc/xoops/XoopsCore/branches/2.0.x/2.0.18.1/docs/changelog.txtnvdExploit
- securityreason.com/securityalert/3614nvd
- www.securityfocus.com/archive/1/487484/100/0/threadednvd
- www.securityfocus.com/bid/27622nvd
- www.exploit-db.com/exploits/5057nvd
News mentions
0No linked articles in our index yet.