Unrated severityNVD Advisory· Published Aug 10, 2009· Updated Apr 23, 2026

CVE-2008-6926

Description

Directory traversal vulnerability in autoinstall4imagesgalleryupgrade.php in the Fantastico De Luxe Module for cPanel allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the scriptpath_show parameter in a GoAhead action. NOTE: this issue only crosses privilege boundaries when security settings such as disable_functions and safe_mode are active, since exploitation requires uploading of executable code to a home directory.

Affected products

Netenberg/Fantastico De Luxe
cpe:2.3:a:netenberg:fantastico_de_luxe:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/archive/1/498519nvdExploit
www.securityfocus.com/bid/32016nvdExploit
www.netenberg.com/forum/index.phpnvd
www.securityfocus.com/archive/1/497964/100/0/threadednvd
www.securityfocus.com/archive/1/498526nvd
www.securityfocus.com/archive/1/498529nvd
www.securityfocus.com/archive/1/498529/100/0/threadednvd
exchange.xforce.ibmcloud.com/vulnerabilities/46252nvd
www.exploit-db.com/exploits/6897nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000