Unrated severityNVD Advisory· Published Oct 23, 2008· Updated Apr 23, 2026

CVE-2008-4718

Description

Directory traversal vulnerability in help/mini.php in X7 Chat 2.0.1 A1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the help_file parameter, a different vector than CVE-2006-2156.

Affected products

X7 Group/X7 Chat13 versions
cpe:2.3:a:x7_group:x7_chat:1.0.0b:*:*:*:*:*:*:*+ 12 more
- cpe:2.3:a:x7_group:x7_chat:1.0.0b:*:*:*:*:*:*:*
- cpe:2.3:a:x7_group:x7_chat:1.1.1b:*:*:*:*:*:*:*
- cpe:2.3:a:x7_group:x7_chat:1.1.2b:*:*:*:*:*:*:*
- cpe:2.3:a:x7_group:x7_chat:1.2.0b:*:*:*:*:*:*:*
- cpe:2.3:a:x7_group:x7_chat:1.3.0b:*:*:*:*:*:*:*
- cpe:2.3:a:x7_group:x7_chat:1.3.1b:*:*:*:*:*:*:*
- cpe:2.3:a:x7_group:x7_chat:1.3.2b:*:*:*:*:*:*:*
- cpe:2.3:a:x7_group:x7_chat:1.3.3b:*:*:*:*:*:*:*
- cpe:2.3:a:x7_group:x7_chat:1.3.4b:*:*:*:*:*:*:*
- cpe:2.3:a:x7_group:x7_chat:1.3.5b:*:*:*:*:*:*:*
- cpe:2.3:a:x7_group:x7_chat:1.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:x7_group:x7_chat:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:x7_group:x7_chat:*:alpha_1:*:*:*:*:*:*range: <=2.0.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.005
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000