Directory Traversal Vulnerability in Page Flip Image Gallery Plugin for WordPress
CVE-2008-5752

Currently unrated

Key Information:

Vendor

Wordpress
Status
Page Flip Image Gallery Plugin
Vendor
CVE Published:
30 December 2008

What is CVE-2008-5752?

The Page Flip Image Gallery plugin for WordPress is susceptible to a directory traversal vulnerability when the 'magic_quotes_gpc' setting is disabled. This flaw enables remote attackers to manipulate the 'book_id' parameter, allowing them to access arbitrary files on the server. The risk lies in an attacker's ability to exploit the '..' (dot dot) syntax to traverse the directory structure, potentially exposing sensitive information and configuration files.

References

http://osvdb.org/50902
vdb-entryx_refsource_OSVDB
http://securityreason.com/securityalert/4836
third-party-advisoryx_refsource_SREASON
http://secunia.com/advisories/33274
third-party-advisoryx_refsource_SECUNIA

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.