Lucene search

[email protected]CVE-2007-1140

HistoryMar 02, 2007 - 9:18 p.m.

CVE-2007-1140

2007-03-0221:18:00

CWE-22

[email protected]

web.nvd.nist.gov

cve-2007-1140

directory traversal

remote attackers

file modification

vulnerability

information security

6.9 Medium

AI Score

Confidence

Low

9.4 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:C/A:N

0.02 Low

EPSS

Percentile

88.8%

JSON

Directory traversal vulnerability in edit.php in pheap allows remote attackers to read and modify arbitrary files via a … (dot dot) in the filename parameter.

CPENameOperatorVersion
barekoncept:pheapbarekoncept pheapeq-

CPE	Name	Operator	Version
barekoncept:pheap	barekoncept pheap	eq	-

References

osvdb.org/33140

securityreason.com/securityalert/2354

www.securityfocus.com/archive/1/460920/100/0/threaded

www.securityfocus.com/bid/22670

6.9 Medium

AI Score

Confidence

Low

9.4 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:C/A:N

0.02 Low

EPSS

Percentile

88.8%

JSON

Related for CVE-2007-1140

prion1 cvelist1 securityvulns1