Unrated severityNVD Advisory· Published Apr 3, 2009· Updated Jun 16, 2026
CVE-2008-6592
CVE-2008-6592
Description
thumbsup.php in Thumbs-Up 1.12, as used in LightNEasy "no database" (aka flat) and SQLite 1.2.2 and earlier, allows remote attackers to copy, rename, and read arbitrary files via directory traversal sequences in the image parameter with a modified cache_dir parameter containing a %00 (encoded null byte).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:lightneasy:lightneasy:1.2.2:*:no_database:*:*:*:*:*+ 1 more
- cpe:2.3:a:lightneasy:lightneasy:1.2.2:*:no_database:*:*:*:*:*
- (no CPE)range: <=1.2.2
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.