Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
6 vulnerabilities found for php_filemanager by libra_file_manager
FKIE_CVE-2008-7027
Vulnerability from fkie_nvd - Published: 2009-08-21 14:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Libra File Manager 1.18 and earlier allows remote attackers to bypass authentication and gain privileges by setting the user and pass cookies to 1.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| libra_file_manager | php_filemanager | * | |
| libra_file_manager | php_filemanager | 1.0 | |
| libra_file_manager | php_filemanager | 1.03 | |
| libra_file_manager | php_filemanager | 1.05 | |
| libra_file_manager | php_filemanager | 1.08 | |
| libra_file_manager | php_filemanager | 1.17 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libra_file_manager:php_filemanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93AF7428-B3B2-4962-A3EC-7417FCF22B60",
"versionEndIncluding": "1.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libra_file_manager:php_filemanager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC32424A-D58D-4CB8-82B8-58DEB5C09410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libra_file_manager:php_filemanager:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "BB9543DA-0F76-4438-BE61-51D42412A813",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libra_file_manager:php_filemanager:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "8A152A89-1E0A-47A3-AABD-C5FBC4869EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libra_file_manager:php_filemanager:1.08:*:*:*:*:*:*:*",
"matchCriteriaId": "6D225985-9697-4704-AA54-1A9B9D7B8988",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libra_file_manager:php_filemanager:1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "4DFE7EF9-9374-4DF3-9851-E830D424A7AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Libra File Manager 1.18 and earlier allows remote attackers to bypass authentication and gain privileges by setting the user and pass cookies to 1."
},
{
"lang": "es",
"value": "Libra File Manager 1.18 y versiones anteriores permite a atacantes remotos eludir la autenticaci\u00f3n y obtener privilegios mediante el establecimiento de las cookies \"user\" y \"pass\" a 1."
}
],
"id": "CVE-2008-7027",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-08-21T14:30:00.627",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/31422"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/6579"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/31422"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/6579"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2008-4319
Vulnerability from fkie_nvd - Published: 2008-09-29 19:25 - Updated: 2025-04-09 00:30
Severity ?
Summary
fileadmin.php in Libra File Manager (aka Libra PHP File Manager) 1.18 and earlier allows remote attackers to bypass authentication, and read arbitrary files, modify arbitrary files, and list arbitrary directories, by inserting certain user and isadmin parameters in the query string.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| libra_file_manager | php_filemanager | * | |
| libra_file_manager | php_filemanager | 1.00 | |
| libra_file_manager | php_filemanager | 1.03 | |
| libra_file_manager | php_filemanager | 1.05 | |
| libra_file_manager | php_filemanager | 1.08 | |
| libra_file_manager | php_filemanager | 1.17 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libra_file_manager:php_filemanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93AF7428-B3B2-4962-A3EC-7417FCF22B60",
"versionEndIncluding": "1.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libra_file_manager:php_filemanager:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "9C83A5C9-A836-4B7F-A0E0-4C354525A08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libra_file_manager:php_filemanager:1.03:*:*:*:*:*:*:*",
"matchCriteriaId": "BB9543DA-0F76-4438-BE61-51D42412A813",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libra_file_manager:php_filemanager:1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "8A152A89-1E0A-47A3-AABD-C5FBC4869EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libra_file_manager:php_filemanager:1.08:*:*:*:*:*:*:*",
"matchCriteriaId": "6D225985-9697-4704-AA54-1A9B9D7B8988",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:libra_file_manager:php_filemanager:1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "4DFE7EF9-9374-4DF3-9851-E830D424A7AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "fileadmin.php in Libra File Manager (aka Libra PHP File Manager) 1.18 and earlier allows remote attackers to bypass authentication, and read arbitrary files, modify arbitrary files, and list arbitrary directories, by inserting certain user and isadmin parameters in the query string."
},
{
"lang": "es",
"value": "El m\u00f3dulo fileadmin.php en Libra File Manager (tambi\u00e9n conocido como Libra PHP File Manager) v1.18 y anteriores permite a atacantes remotos evitar la autenticaci\u00f3n, leer ficheros arbitrarios, modificar ficheros arbitrarios y listar el contenido de directorios arbitrarios, al insertar ciertos par\u00e1metros \"user\" e \"isadmin\" en la cadena de consulta."
}
],
"id": "CVE-2008-4319",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-09-29T19:25:35.760",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/archive/1/496742"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/31415"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45423"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/6567"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/archive/1/496742"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/31415"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/6567"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2008-7027 (GCVE-0-2008-7027)
Vulnerability from cvelistv5 – Published: 2009-08-21 14:00 – Updated: 2024-08-07 11:49
VLAI?
Summary
Libra File Manager 1.18 and earlier allows remote attackers to bypass authentication and gain privileges by setting the user and pass cookies to 1.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Date Public ?
2008-09-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:49:02.660Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "6579",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/6579"
},
{
"name": "31422",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31422"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Libra File Manager 1.18 and earlier allows remote attackers to bypass authentication and gain privileges by setting the user and pass cookies to 1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "6579",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/6579"
},
{
"name": "31422",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31422"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-7027",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Libra File Manager 1.18 and earlier allows remote attackers to bypass authentication and gain privileges by setting the user and pass cookies to 1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "6579",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6579"
},
{
"name": "31422",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31422"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-7027",
"datePublished": "2009-08-21T14:00:00.000Z",
"dateReserved": "2009-08-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T11:49:02.660Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-4319 (GCVE-0-2008-4319)
Vulnerability from cvelistv5 – Published: 2008-09-29 18:00 – Updated: 2024-08-07 10:08
VLAI?
Summary
fileadmin.php in Libra File Manager (aka Libra PHP File Manager) 1.18 and earlier allows remote attackers to bypass authentication, and read arbitrary files, modify arbitrary files, and list arbitrary directories, by inserting certain user and isadmin parameters in the query string.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Date Public ?
2008-09-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:08:35.150Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "6567",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/6567"
},
{
"name": "31415",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31415"
},
{
"name": "20080925 Fwd: Returned post for bugtraq@securityfocus.com",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/496742"
},
{
"name": "librafilemanager-fileadmin-security-bypass(45423)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45423"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "fileadmin.php in Libra File Manager (aka Libra PHP File Manager) 1.18 and earlier allows remote attackers to bypass authentication, and read arbitrary files, modify arbitrary files, and list arbitrary directories, by inserting certain user and isadmin parameters in the query string."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "6567",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/6567"
},
{
"name": "31415",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31415"
},
{
"name": "20080925 Fwd: Returned post for bugtraq@securityfocus.com",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/496742"
},
{
"name": "librafilemanager-fileadmin-security-bypass(45423)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45423"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4319",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "fileadmin.php in Libra File Manager (aka Libra PHP File Manager) 1.18 and earlier allows remote attackers to bypass authentication, and read arbitrary files, modify arbitrary files, and list arbitrary directories, by inserting certain user and isadmin parameters in the query string."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "6567",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6567"
},
{
"name": "31415",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31415"
},
{
"name": "20080925 Fwd: Returned post for bugtraq@securityfocus.com",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/496742"
},
{
"name": "librafilemanager-fileadmin-security-bypass(45423)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45423"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4319",
"datePublished": "2008-09-29T18:00:00.000Z",
"dateReserved": "2008-09-29T00:00:00.000Z",
"dateUpdated": "2024-08-07T10:08:35.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-7027 (GCVE-0-2008-7027)
Vulnerability from nvd – Published: 2009-08-21 14:00 – Updated: 2024-08-07 11:49
VLAI?
Summary
Libra File Manager 1.18 and earlier allows remote attackers to bypass authentication and gain privileges by setting the user and pass cookies to 1.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Date Public ?
2008-09-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:49:02.660Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "6579",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/6579"
},
{
"name": "31422",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31422"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Libra File Manager 1.18 and earlier allows remote attackers to bypass authentication and gain privileges by setting the user and pass cookies to 1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "6579",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/6579"
},
{
"name": "31422",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31422"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-7027",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Libra File Manager 1.18 and earlier allows remote attackers to bypass authentication and gain privileges by setting the user and pass cookies to 1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "6579",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6579"
},
{
"name": "31422",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31422"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-7027",
"datePublished": "2009-08-21T14:00:00.000Z",
"dateReserved": "2009-08-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T11:49:02.660Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-4319 (GCVE-0-2008-4319)
Vulnerability from nvd – Published: 2008-09-29 18:00 – Updated: 2024-08-07 10:08
VLAI?
Summary
fileadmin.php in Libra File Manager (aka Libra PHP File Manager) 1.18 and earlier allows remote attackers to bypass authentication, and read arbitrary files, modify arbitrary files, and list arbitrary directories, by inserting certain user and isadmin parameters in the query string.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Date Public ?
2008-09-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:08:35.150Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "6567",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/6567"
},
{
"name": "31415",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31415"
},
{
"name": "20080925 Fwd: Returned post for bugtraq@securityfocus.com",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/496742"
},
{
"name": "librafilemanager-fileadmin-security-bypass(45423)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45423"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "fileadmin.php in Libra File Manager (aka Libra PHP File Manager) 1.18 and earlier allows remote attackers to bypass authentication, and read arbitrary files, modify arbitrary files, and list arbitrary directories, by inserting certain user and isadmin parameters in the query string."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "6567",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/6567"
},
{
"name": "31415",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31415"
},
{
"name": "20080925 Fwd: Returned post for bugtraq@securityfocus.com",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/496742"
},
{
"name": "librafilemanager-fileadmin-security-bypass(45423)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45423"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4319",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "fileadmin.php in Libra File Manager (aka Libra PHP File Manager) 1.18 and earlier allows remote attackers to bypass authentication, and read arbitrary files, modify arbitrary files, and list arbitrary directories, by inserting certain user and isadmin parameters in the query string."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "6567",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6567"
},
{
"name": "31415",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31415"
},
{
"name": "20080925 Fwd: Returned post for bugtraq@securityfocus.com",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/496742"
},
{
"name": "librafilemanager-fileadmin-security-bypass(45423)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45423"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4319",
"datePublished": "2008-09-29T18:00:00.000Z",
"dateReserved": "2008-09-29T00:00:00.000Z",
"dateUpdated": "2024-08-07T10:08:35.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}