Unrated severityNVD Advisory· Published Jun 25, 2008· Updated Jun 16, 2026
CVE-2008-2863
CVE-2008-2863
Description
Multiple absolute path traversal vulnerabilities in eLineStudio Site Composer (ESC) 2.6 allow remote attackers to create or delete arbitrary directories via a full pathname in the inpCurrFolder parameter to (1) folderdel_.asp or (2) foldernew.asp in cms/assetmanager/.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:elinestudio:site_composer:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:elinestudio:site_composer:*:*:*:*:*:*:*:*range: <=2.6
- (no CPE)range: =2.6
Patches
Vulnerability mechanics
References
7News mentions
0No linked articles in our index yet.