VYPR
Unrated severityNVD Advisory· Published Aug 14, 2008· Updated Jun 16, 2026

CVE-2008-3677

CVE-2008-3677

Description

Directory traversal vulnerability in includes/events_application_top.php in Freeway before 1.4.2.197 allows remote attackers to include and execute arbitrary local files via unspecified vectors.

Affected products

12
  • Openfreeway/Freeway12 versions
    cpe:2.3:a:openfreeway:freeway:1.0.25:public_beta:*:*:*:*:*:*+ 11 more
    • cpe:2.3:a:openfreeway:freeway:1.0.25:public_beta:*:*:*:*:*:*
    • cpe:2.3:a:openfreeway:freeway:1.0.59:*:*:*:*:*:*:*
    • cpe:2.3:a:openfreeway:freeway:1.0.60:*:*:*:*:*:*:*
    • cpe:2.3:a:openfreeway:freeway:1.1.1.81:*:*:*:*:*:*:*
    • cpe:2.3:a:openfreeway:freeway:1.2.0.113:*:*:*:*:*:*:*
    • cpe:2.3:a:openfreeway:freeway:1.3.0.142:*:*:*:*:*:*:*
    • cpe:2.3:a:openfreeway:freeway:1.3.1.147:*:*:*:*:*:*:*
    • cpe:2.3:a:openfreeway:freeway:1.3.2.154:*:*:*:*:*:*:*
    • cpe:2.3:a:openfreeway:freeway:1.3.2.160:joomla_beta:*:*:*:*:*:*
    • cpe:2.3:a:openfreeway:freeway:1.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:openfreeway:freeway:1.4:pre-release:*:*:*:*:*:*
    • (no CPE)range: <1.4.2.197

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.