Lucene search

[email protected]CVE-2002-1515

HistoryApr 02, 2003 - 5:00 a.m.

CVE-2002-1515

2003-04-0205:00:00

[email protected]

web.nvd.nist.gov

cve

2002

1515

directory traversal

coolforum

remote attack

arbitrary files

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.1 High

AI Score

Confidence

Low

0.104 Low

EPSS

Percentile

95.0%

JSON

Directory traversal vulnerability in avatar.php in CoolForum 0.5 beta allows remote attackers to read arbitrary files via … (dot dot) sequences in the img parameter.

Affected configurations

NVD

Node

coolforumcoolforumMatch0.5_beta

CPENameOperatorVersion
coolforum:coolforumcoolforumeq0.5_beta

CPE	Name	Operator	Version
coolforum:coolforum	coolforum	eq	0.5_beta

References

archives.neohapsis.com/archives/vulnwatch/2002-q4/0001.html

online.securityfocus.com/archive/1/295358

www.coolforum.net/index.php?p=dlcoolforum

www.iss.net/security_center/static/10237.php

www.securityfocus.com/bid/5973

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.1 High

AI Score

Confidence

Low

0.104 Low

EPSS

Percentile

95.0%

JSON

Related for CVE-2002-1515

cvelist1 nvd1