CVE-2008-3677 | SynScan

Vulnerability Database

289,871

Total vulnerabilities in the database

CVE-2008-3677

Directory traversal vulnerability in includes/events_application_top.php in Freeway before 1.4.2.197 allows remote attackers to include and execute arbitrary local files via unspecified vectors.

Published: Aug 14, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-3677
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-22

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
openfreeway / freeway	1.4.1	1.4.1.x
openfreeway / freeway	1.0.59	1.0.59.x
openfreeway / freeway	1.0.60	1.0.60.x
openfreeway / freeway	1.4-pre-release	1.4-pre-release.x
openfreeway / freeway	1.3.2.154	1.3.2.154.x
openfreeway / freeway	1.3.2.160-joomla_beta	1.3.2.160-joomla_beta.x
openfreeway / freeway	1.3.1.147	1.3.1.147.x
openfreeway / freeway	1.3.0.142	1.3.0.142.x
openfreeway / freeway	1.1.1.81	1.1.1.81.x
openfreeway / freeway	1.2.0.113	1.2.0.113.x
openfreeway / freeway	1.0.25-public_beta	1.0.25-public_beta.x