CVE-2008-3195: CVE-2008-3195

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2008-3195

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Directory traversal vulnerability in bin/configure in TWiki before 4.2.3, when a certain step in the installation guide is skipped, allows remote attackers to read arbitrary files via a query string containing a .. (dot dot) in the image variable, and execute arbitrary files via unspecified vectors.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

TWiki /bin/configure脚本文件泄露漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

TWiki是一款灵活易用、功能强大的企业协作平台和知识管理系统。 TWiki软件没有正确地验证某些URL输入，如果访问了包含有TWiki配置脚本的URL的话，攻击者就可以读取任意文件。以下是/bin/configure脚本中的有漏洞代码： if( $action eq 'image' ) { # SMELL: this call is correct, but causes a perl error # on some versions of CGI.pm # print $query->header(

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2008-3195

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2008-3195

Please Login to view more intelligence information

http://www.kb.cert.org/vuls/id/RGII-7JEQ7Lx_refsource_CONFIRM
http://twiki.org/cgi-bin/view/Codev/TWikiRelease04x02x03#4_2_3_Bugfix_Highlightsx_refsource_CONFIRM
http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2008-3195x_refsource_CONFIRM
http://securityreason.com/securityalert/4265third-party-advisoryx_refsource_SREASON
https://www.exploit-db.com/exploits/6269exploitx_refsource_EXPLOIT-DB
http://secunia.com/advisories/31964third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/31849third-party-advisoryx_refsource_SECUNIA
http://www.kb.cert.org/vuls/id/362012third-party-advisoryx_refsource_CERT-VN
http://www.vupen.com/english/advisories/2008/2586vdb-entryx_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/45182vdb-entryx_refsource_XF
https://exchange.xforce.ibmcloud.com/vulnerabilities/45183vdb-entryx_refsource_XF
https://nvd.nist.gov/vuln/detail/CVE-2008-3195

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2008-3195

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2008-3195

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2008-3195

III. Intelligence Information for CVE-2008-3195

IV. Related Vulnerabilities

V. Comments for CVE-2008-3195

Leave a comment