CVE-2009-4700

Published: Mar 15, 2010Modified: Apr 29, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Directory traversal vulnerability in index.php in SkaDate Dating allows remote attackers to read arbitrary files via a .. (dot dot) in the layout parameter.

Affected (4)

Products: Skadate: Skadate Online Dating Software

1 product

Skadate Online Dating Software

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Skadate Skadate Online Dating Software	All versions
Skadate Skadate Online Dating Software	Version 5.0
Skadate Skadate Online Dating Software	Version 6.0
Skadate Skadate Online Dating Software	Version 6.482

Related CWEs

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

References (10)

http://osvdb.org/56543

Source: cve@mitre.org

Exploit

http://secunia.com/advisories/35997

Source: cve@mitre.org

Vendor Advisory

http://www.exploit-db.com/exploits/9260

Source: cve@mitre.org

http://www.securityfocus.com/bid/35813

Source: cve@mitre.org

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/52003

Source: cve@mitre.org

http://osvdb.org/56543

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://secunia.com/advisories/35997

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.exploit-db.com/exploits/9260

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/35813

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/52003

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.