Lucene search

[email protected]CVE-2007-2106

HistoryApr 18, 2007 - 10:19 a.m.

CVE-2007-2106

2007-04-1810:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-2106

directory traversal

k-cms

remote attackers

arbitrary file execution

7.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

80.8%

JSON

Directory traversal vulnerability in index.php in Kai Content Management System (K-CMS) 1.0 allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the current_theme parameter.

CPENameOperatorVersion
kai_content_management_system:kai_content_management_systemkai content management systemeq1.0

CPE	Name	Operator	Version
kai_content_management_system:kai_content_management_system	kai content management system	eq	1.0

References

securityreason.com/securityalert/2579

www.securityfocus.com/archive/1/464677/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/33437

7.9 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

80.8%

JSON

Related for CVE-2007-2106

prion1