Lucene search

[email protected]CVE-2007-1613

HistoryMar 23, 2007 - 12:19 a.m.

CVE-2007-1613

2007-03-2300:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-1613

directory traversal

mpm chat 2.5

remote attacks

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.019 Low

EPSS

Percentile

88.3%

JSON

Directory traversal vulnerability in view.php in MPM Chat 2.5 allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the logi parameter.

CPENameOperatorVersion
mpm_chat:mpm_chatmpm chateq2.5

CPE	Name	Operator	Version
mpm_chat:mpm_chat	mpm chat	eq	2.5

References

osvdb.org/34278

secunia.com/advisories/24576

www.securityfocus.com/bid/23009

www.vupen.com/english/advisories/2007/1008

www.exploit-db.com/exploits/3503

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.019 Low

EPSS

Percentile

88.3%

JSON

Related for CVE-2007-1613

prion1 securityvulns1