Lucene search

MitreCVE-2007-2482

HistoryMay 03, 2007 - 5:19 p.m.

CVE-2007-2482

2007-05-0317:19:00

mitre

web.nvd.nist.gov

cve-2007-2482

wordtube

wordpress

vulnerability

directory traversal

remote execution

nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.1

Confidence

High

EPSS

0.017

Percentile

87.9%

JSON

Directory traversal vulnerability in wordtube-button.php in the wordTube 1.43 and earlier plugin for WordPress, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the wpPATH parameter.

Affected configurations

Nvd

Node

ruben_boelingerwordtubeRange≤1.43

VendorProductVersionCPE
ruben_boelingerwordtube*cpe:2.3:a:ruben_boelinger:wordtube:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ruben_boelinger	wordtube	*	cpe:2.3:a:ruben_boelinger:wordtube::::::::

References

advisories.echo.or.id/adv/adv81-K-159-2007.txt

alexrabe.boelinger.com/

osvdb.org/45168

secunia.com/advisories/25074

securityreason.com/securityalert/2660

www.exploit-db.com/exploits/3825

www.securityfocus.com/archive/1/467362/100/0/threaded

www.securityfocus.com/bid/23737

www.vupen.com/english/advisories/2007/1615

exchange.xforce.ibmcloud.com/vulnerabilities/33996

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.1

Confidence

High

EPSS

0.017

Percentile

87.9%

JSON

Related for CVE-2007-2482