CVE-2008-6592 Information

Description

thumbsup.php in Thumbs-Up 1.12, as used in LightNEasy "no database" (aka flat) and SQLite 1.2.2 and earlier, allows remote attackers to copy, rename, and read arbitrary files via directory traversal sequences in the image parameter with a modified cache_dir parameter containing a %00 (encoded null byte).

Reference

http://secunia.com/advisories/29833
http://www.osvdb.org/44674
http://www.securityfocus.com/archive/1/491064/100/0/threaded
http://www.securityfocus.com/bid/28801
https://exchange.xforce.ibmcloud.com/vulnerabilities/49851
https://www.exploit-db.com/exploits/5452
