VYPR
Unrated severityNVD Advisory· Published Feb 3, 2015· Updated Jun 17, 2026

CVE-2014-9574

CVE-2014-9574

Description

Directory traversal vulnerability in install.php in FluxBB before 1.5.8 allows remote attackers to include and execute arbitrary local install.php files via a .. (dot dot) in the install_lang parameter.

Affected products

2
  • Fluxbb/Fluxbb2 versions
    cpe:2.3:a:fluxbb:fluxbb:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:fluxbb:fluxbb:*:*:*:*:*:*:*:*range: <=1.5.7
    • (no CPE)range: <1.5.8

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.