Lucene search

[email protected]CVE-2007-1842

HistoryApr 03, 2007 - 4:19 p.m.

CVE-2007-1842

2007-04-0316:19:00

[email protected]

web.nvd.nist.gov

cve

2007

1842

directory traversal

vulnerability

jsboard

remote execution

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.097 Low

EPSS

Percentile

94.8%

JSON

Directory traversal vulnerability in login.php in JSBoard before 2.0.12 allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the table parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, a related issue to CVE-2006-2019.

Affected configurations

NVD

Node

jsboardjsboardRange≤2.0.11

CPENameOperatorVersion
jsboard:jsboardjsboardle2.0.11

CPE	Name	Operator	Version
jsboard:jsboard	jsboard	le	2.0.11

References

kldp.net/plugins/scmcvs/cvsweb.php/jsboard-2/login.php.diff?r1=1.8%3Br2=1.9%3Bcvsroot=jsboard

osvdb.org/37365

www.securityfocus.com/bid/23223

www.vupen.com/english/advisories/2007/1182

exchange.xforce.ibmcloud.com/vulnerabilities/33338

www.exploit-db.com/exploits/3614

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.097 Low

EPSS

Percentile

94.8%

JSON

Related for CVE-2007-1842

cvelist3 prion3 nvd3 cve2 securityvulns2