cve/2008/CVE-2008-3568.md

### [CVE-2008-3568](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3568)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Absolute path traversal vulnerability in fckeditor/editor/filemanager/browser/default/connectors/php/connector.php in UNAK-CMS 1.5.5 allows remote attackers to include and execute arbitrary local files via a full pathname in the Dirroot parameter, a different vulnerability than CVE-2006-4890.1.

### POC

#### Reference
- http://securityreason.com/securityalert/4123

#### Github
No PoCs found on GitHub currently.