Summary
Dagger is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.
An attacker can exploit this issue to execute malicious PHP code in the context of the webserver process. This may facilitate a compromise of the application and the underlying computer other
attacks are also possible.
Solution
Vendor updates are available. See http://labs.geody.com/dagger/ fore more information.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2008-6635 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities