Lucene search

[email protected]CVE-2007-2200

HistoryApr 24, 2007 - 8:19 p.m.

CVE-2007-2200

2007-04-2420:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-2200

directory traversal

pagode 0.5.8

remote attack

arbitrary file access

7.5 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.036 Low

EPSS

Percentile

91.5%

JSON

Directory traversal vulnerability in navigator/navigator_ok.php in Pagode 0.5.8 allows remote attackers to read and possibly delete arbitrary files via a … (dot dot) in the asolute parameter.

CPENameOperatorVersion
pagode:pagodepagodeeq0.5.8

CPE	Name	Operator	Version
pagode:pagode	pagode	eq	0.5.8

References

osvdb.org/35311

osvdb.org/35312

secunia.com/advisories/24992

www.securityfocus.com/bid/23617

www.vupen.com/english/advisories/2007/1512

exchange.xforce.ibmcloud.com/vulnerabilities/33848

www.exploit-db.com/exploits/3783

7.5 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.036 Low

EPSS

Percentile

91.5%

JSON

Related for CVE-2007-2200

prion1