NuytsTech Security

CVE-2008-3363

by ·

Directory traversal vulnerability in user_portal.php in the Dokeos E-Learning System 1.8.5 on Windows allows remote attackers to include and execute arbitrary local files via a .. (dot dot backslash) in the include parameter.

Date published : 2008-07-30

http://www.securityfocus.com/bid/30150

http://www.securityfocus.com/archive/1/494496/100/0/threaded

Tags: