Moderate severityNVD Advisory· Published Mar 12, 2008· Updated Jun 16, 2026
CVE-2008-1301
CVE-2008-1301
Description
Absolute path traversal vulnerability in system/workplace/admin/workplace/logfileview/logfileViewSettings.jsp in Alkacon OpenCms 7.0.3 and 7.0.4 allows remote authenticated administrators to read arbitrary files via a full pathname in the filePath.0 parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.opencms:opencms-coreMaven | >= 7.0.3, < 7.0.5 | 7.0.5 |
Affected products
3Patches
Vulnerability mechanics
References
8- www.securityfocus.com/bid/28152nvdExploit
- secunia.com/advisories/29278nvdVendor Advisory
- github.com/advisories/GHSA-xxjj-jhgc-r68fghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2008-1301ghsaADVISORY
- securityreason.com/securityalert/3731nvdWEB
- exchange.xforce.ibmcloud.com/vulnerabilities/41096nvdWEB
- github.com/alkacon/opencms-core/commit/7b73b5559c1b025dfe0f7b38ed4119c25b9df409ghsaWEB
- www.securityfocus.com/archive/1/489291/100/0/threadednvd
News mentions
0No linked articles in our index yet.