Unrated severityNVD Advisory· Published Jul 14, 2008· Updated Apr 23, 2026
CVE-2008-3164
CVE-2008-3164
Description
Directory traversal vulnerability in blog.php in fuzzylime (cms) 3.01, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter. NOTE: it was later reported that 3.01a is also affected.
Affected products
1- cpe:2.3:a:fuzzylime:fuzzylime_cms:3.01:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
7- downloads.securityfocus.com/vulnerabilities/exploits/30121.plnvdExploit
- www.securityfocus.com/bid/30121nvdExploit
- secunia.com/advisories/30930nvdVendor Advisory
- www.vupen.com/english/advisories/2008/2015/referencesnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/43606nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/43939nvd
- www.exploit-db.com/exploits/6016nvd
News mentions
0No linked articles in our index yet.