Directory Traversal Vulnerability in Web Wiz Rich Text Editor and Forums
CVE-2008-0466

Currently unrated

Key Information:

Vendor

Webwiz

Status
Web Wiz Forums
Vendor
CVE Published:
29 January 2008

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸฃ EPSS 12%

What is CVE-2008-0466?

The Web Wiz Rich Text Editor and associated products have a vulnerability in the file browser component (RTE_file_browser.asp) that does not enforce authentication. This allows attackers to remotely list directories and read files stored on the server. Additionally, this vulnerability can be exploited to access directories outside of the configured tree, due to a separate directory traversal flaw. Organizations utilizing these products should review their settings and consider applying security updates or implementing additional access controls to mitigate the risk associated with unauthorized file access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/archive/1/486868/100/0/threaded
mailing-listx_refsource_BUGTRAQ
https://www.exploit-db.com/exploits/4970
exploitx_refsource_EXPLOIT-DB
https://www.exploit-db.com/exploits/4971
exploitx_refsource_EXPLOIT-DB

EPSS Score

12% chance of being exploited in the next 30 days.

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

JSON
.