Lucene search

[email protected]CVE-2004-1505

HistoryFeb 19, 2005 - 5:00 a.m.

CVE-2004-1505

2005-02-1905:00:00

[email protected]

web.nvd.nist.gov

cve-2004-1505

directory traversal

index.php

jaf cms 3.0rc

remote attackers

arbitrary files

php code

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.4%

JSON

Directory traversal vulnerability in index.php in Just Another Flat file (JAF) CMS 3.0RC allows remote attackers to read arbitrary files and possibly execute PHP code via a … (dot dot) in the show parameter.

Affected configurations

NVD

Node

salims_softhousejaf_cmsMatch3.0rc

CPENameOperatorVersion
salims_softhouse:jaf_cmssalims softhouse jaf cmseq3.0

CPE	Name	Operator	Version
salims_softhouse:jaf_cms	salims softhouse jaf cms	eq	3.0

References

echo.or.id/adv/adv08-y3dips-2004.txt

marc.info/?l=bugtraq&m=110004150430309&w=2

secunia.com/advisories/13104

www.securityfocus.com/bid/11627

exchange.xforce.ibmcloud.com/vulnerabilities/17983

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.4%

JSON

Related for CVE-2004-1505

nvd1 cvelist1