VYPR
Unrated severityNVD Advisory· Published Mar 6, 2009· Updated Jun 16, 2026

CVE-2008-6423

CVE-2008-6423

Description

Directory traversal vulnerability in passwiki.php in PassWiki 0.9.16 RC3 and earlier allows remote attackers to read arbitrary local files via a .. (dot dot) in the site_id parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

22
  • I Apps/Passwiki21 versions
    cpe:2.3:a:i-apps:passwiki:0.9.10:*:*:*:*:*:*:*+ 20 more
    • cpe:2.3:a:i-apps:passwiki:0.9.10:*:*:*:*:*:*:*
    • cpe:2.3:a:i-apps:passwiki:0.9.11:*:*:*:*:*:*:*
    • cpe:2.3:a:i-apps:passwiki:0.9.12:*:*:*:*:*:*:*
    • cpe:2.3:a:i-apps:passwiki:0.9.13:*:*:*:*:*:*:*
    • cpe:2.3:a:i-apps:passwiki:0.9.14:*:*:*:*:*:*:*
    • cpe:2.3:a:i-apps:passwiki:0.9.15:*:*:*:*:*:*:*
    • cpe:2.3:a:i-apps:passwiki:0.9.15:beta:*:*:*:*:*:*
    • cpe:2.3:a:i-apps:passwiki:0.9.15:beta2:*:*:*:*:*:*
    • cpe:2.3:a:i-apps:passwiki:0.9.15:rc1:*:*:*:*:*:*
    • cpe:2.3:a:i-apps:passwiki:0.9.16:beta1:*:*:*:*:*:*
    • cpe:2.3:a:i-apps:passwiki:0.9.16:beta2:*:*:*:*:*:*
    • cpe:2.3:a:i-apps:passwiki:0.9.16:beta3:*:*:*:*:*:*
    • cpe:2.3:a:i-apps:passwiki:0.9.16:rc1:*:*:*:*:*:*
    • cpe:2.3:a:i-apps:passwiki:0.9.16:rc2:*:*:*:*:*:*
    • cpe:2.3:a:i-apps:passwiki:0.9.3:*:*:*:*:*:*:*
    • cpe:2.3:a:i-apps:passwiki:0.9.5:*:*:*:*:*:*:*
    • cpe:2.3:a:i-apps:passwiki:0.9.6:*:*:*:*:*:*:*
    • cpe:2.3:a:i-apps:passwiki:0.9.7:*:*:*:*:*:*:*
    • cpe:2.3:a:i-apps:passwiki:0.9.8:*:*:*:*:*:*:*
    • cpe:2.3:a:i-apps:passwiki:0.9.9:*:*:*:*:*:*:*
    • cpe:2.3:a:i-apps:passwiki:*:rc3:*:*:*:*:*:*range: <=0.9.16
  • PassWiki/PassWikillm-create
    Range: <=0.9.16 RC3

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.