7.1 High
AI Score
Confidence
Low
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.02 Low
EPSS
Percentile
88.5%
Multiple directory traversal vulnerabilities in GuppY 4.5.9 and earlier allow remote attackers to read and include arbitrary files via (1) the meskin parameter to admin/editorTypetool.php, or the lng parameter to the in admin/inc scripts (2) archbatch.php, (3) dbbatch.php, and (4) nwlmail.php.
CPE | Name | Operator | Version |
---|---|---|---|
guppy:guppy | guppy | eq | 4.5.4 |
guppy:guppy | guppy | eq | 4.5.3a |
guppy:guppy | guppy | eq | 4.5.9 |
guppy:guppy | guppy | eq | 4.5 |
guppy:guppy | guppy | eq | 4.5.3 |
rgod.altervista.org/guppy459_xpl.html
secunia.com/advisories/17790
securityreason.com/securityalert/212
securitytracker.com/id?1015279
www.securityfocus.com/archive/1/417899/100/0/threaded
www.securityfocus.com/bid/15610
www.vupen.com/english/advisories/2005/2635
exchange.xforce.ibmcloud.com/vulnerabilities/23319