6.9 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.013 Low
EPSS
Percentile
85.8%
Directory traversal vulnerability in index.php in Noah Medling RCBlog 1.03 allows remote attackers to read arbitrary .txt files, possibly including one that stores the administrator’s account name and password, via a … (dot dot) in the post parameter.
CPE | Name | Operator | Version |
---|---|---|---|
noah_medling:rcblog | noah medling rcblog | eq | 1.03 |
evuln.com/vulns/42/summary.html
secunia.com/advisories/18547
securitytracker.com/id?1015523
www.fluffington.com/index.php?page=rcblog
www.osvdb.org/22680
www.securityfocus.com/archive/1/422499/100/0/threaded
www.securityfocus.com/archive/1/425392/100/0/threaded
www.securityfocus.com/archive/1/436784/30/4500/threaded
www.securityfocus.com/bid/16342
exchange.xforce.ibmcloud.com/vulnerabilities/24248
exchange.xforce.ibmcloud.com/vulnerabilities/27042