Vulnerabilities > CVE-2008-2878 - Input Validation vulnerability in Academic Web Tools CMS 1.4.2.8

047910
CVSS 6.4 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
yektaweb
exploit available

Summary

Open redirect vulnerability in rss_getfile.php in Academic Web Tools (AWT YEKTA) 1.4.3.1, and 1.4.2.8 and earlier, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the file parameter.

Vulnerable Configurations

Part Description Count
Application
Yektaweb
1

Exploit-Db

descriptionAcademic Web Tools CMS <= 1.4.2.8 Multiple Vulnerabilities. CVE-2008-2878,CVE-2008-2967,CVE-2008-2968,CVE-2008-2969,CVE-2008-2970. Webapps exploit for php...
idEDB-ID:5861
last seen2016-01-31
modified2008-06-19
published2008-06-19
reporterBugReport.IR
sourcehttps://www.exploit-db.com/download/5861/
titleAcademic Web Tools CMS <= 1.4.2.8 - Multiple Vulnerabilities