Lucene search

MitreCVE-2007-2324

HistoryApr 27, 2007 - 12:19 a.m.

CVE-2007-2324

2007-04-2700:19:00

mitre

web.nvd.nist.gov

directory traversal

file.php

julmacms 1.4

remote attackers

arbitrary files

vulnerability

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

AI Score

6.7

Confidence

Low

EPSS

0.02

Percentile

88.9%

JSON

Directory traversal vulnerability in file.php in JulmaCMS 1.4 allows remote attackers to read arbitrary files via a … (dot dot) in the file parameter.

Affected configurations

Nvd

Node

julmajannejulmacmsMatch1.4

VendorProductVersionCPE
julmajannejulmacms1.4cpe:2.3:a:julmajanne:julmacms:1.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
julmajanne	julmacms	1.4	cpe:2.3:a:julmajanne:julmacms:1.4:::::::*

References

osvdb.org/35387

secunia.com/advisories/25053

www.securityfocus.com/bid/23642

exchange.xforce.ibmcloud.com/vulnerabilities/33859

www.exploit-db.com/exploits/3799

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

AI Score

6.7

Confidence

Low

EPSS

0.02

Percentile

88.9%

JSON

Related for CVE-2007-2324