CVE-2008-3150 Information

Description

Directory traversal vulnerability in index.php in Neutrino Atomic Edition 0.8.4 allows remote attackers to read and modify files as demonstrated by manipulating data/sess.php in (1) usb and (2) del_pag actions. NOTE: this can be leveraged for code execution by performing an upload that bypasses the intended access restrictions that were implemented in sess.php.

Reference

http://secunia.com/advisories/30950 http://www.securityfocus.com/bid/30123 https://exchange.xforce.ibmcloud.com/vulnerabilities/43616 https://www.exploit-db.com/exploits/6018