Unrated severityNVD Advisory· Published Mar 25, 2009· Updated Apr 23, 2026

CVE-2008-6522

Description

Multiple directory traversal vulnerabilities in the RenderFile function in ContentRender.class.php in Terracotta (aka OpenTerracotta) 0.6.1, and possibly other versions, allow remote attackers to list arbitrary directories and read arbitrary files via a .. (dot dot) in the (1) CurrentDirectory and (2) File parameters to index.php.

Affected products

Devraj Mukherjee/Openterracotta
cpe:2.3:a:devraj_mukherjee:openterracotta:0.6.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/28550nvdExploit
www.securityfocus.com/archive/1/490341/100/0/threadednvd
exchange.xforce.ibmcloud.com/vulnerabilities/41572nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000