Lucene search

K
cve[email protected]CVE-2006-1224
HistoryMar 14, 2006 - 11:02 a.m.

CVE-2006-1224

2006-03-1411:02:00
web.nvd.nist.gov
18
cve
2006
1224
directory traversal
vulnerability
guppy 4.5.11
security
nvd

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

6.8 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

79.6%

Directory traversal vulnerability in dwnld.php in GuppY 4.5.11 allows remote attackers to overwrite arbitrary files via a “%2E.” (mixed encoding) in the pg parameter.

Affected configurations

NVD
Node
guppyguppyMatch2.4
OR
guppyguppyMatch2.4_p1
OR
guppyguppyMatch2.4_p3
OR
guppyguppyMatch2.4_p4
OR
guppyguppyMatch4.5
OR
guppyguppyMatch4.5.3
OR
guppyguppyMatch4.5.3a
OR
guppyguppyMatch4.5.4
OR
guppyguppyMatch4.5.9
OR
guppyguppyMatch4.5.10
OR
guppyguppyMatch4.5.11

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

6.8 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

79.6%

Related for CVE-2006-1224