Lucene search

K
cve[email protected]CVE-2007-2157
HistoryApr 19, 2007 - 10:19 a.m.

CVE-2007-2157

2007-04-1910:19:00
NVD-CWE-Other
web.nvd.nist.gov
22
cve-2007-2157
directory traversal
zomplog
security vulnerability
file parameter vulnerability

7.4 High

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.019 Low

EPSS

Percentile

88.3%

Directory traversal vulnerability in upload/force_download.php in Zomplog 3.8 allows remote attackers to read arbitrary files via a … (dot dot) in the file parameter.

CPENameOperatorVersion
zomplog:zomplogzomplogeq3.8

7.4 High

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.019 Low

EPSS

Percentile

88.3%

Related for CVE-2007-2157