Lucene search

[email protected]CVE-2004-2717

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2717

2004-12-3105:00:00

CWE-22

[email protected]

web.nvd.nist.gov

cve-2004-2717

phpmychat

admin.php3

directory traversal

remote attack

administrative privileges

7.6 High

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

0.006 Low

EPSS

Percentile

78.8%

JSON

Multiple directory traversal vulnerabilities in admin.php3 in PHPMyChat 0.14.5 allow remote attackers with administrative privileges to read arbitrary files via a … (dot dot) in the (1) sheet and (2) What parameters.

CPENameOperatorVersion
php_heaven:phpmychatphp heaven phpmychateq0.14.5

CPE	Name	Operator	Version
php_heaven:phpmychat	php heaven phpmychat	eq	0.14.5

References

archives.neohapsis.com/archives/bugtraq/2004-06/0252.html

secunia.com/advisories/11894

securitytracker.com/id?1010515

www.osvdb.org/7150

www.securityfocus.com/bid/10556

7.6 High

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

0.006 Low

EPSS

Percentile

78.8%

JSON

Related for CVE-2004-2717

cvelist1