Lucene search

[email protected]CVE-2007-2507

HistoryMay 04, 2007 - 1:19 a.m.

CVE-2007-2507

2007-05-0401:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

directory traversal

includes/download.php

treble designs 1024 cms 0.7

nvd

7.4 High

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.017 Low

EPSS

Percentile

87.6%

JSON

Directory traversal vulnerability in includes/download.php in Treble Designs 1024 CMS 0.7 allows remote attackers to read arbitrary files via a … (dot dot) in the item parameter.

CPENameOperatorVersion
treble_designs:1024_cmstreble designs 1024 cmseq0.7

CPE	Name	Operator	Version
treble_designs:1024_cms	treble designs 1024 cms	eq	0.7

References

osvdb.org/35542

secunia.com/advisories/25120

www.attrition.org/pipermail/vim/2007-May/001578.html

www.securityfocus.com/bid/23774

www.vupen.com/english/advisories/2007/1630

exchange.xforce.ibmcloud.com/vulnerabilities/34004

www.exploit-db.com/exploits/3832

7.4 High

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.017 Low

EPSS

Percentile

87.6%

JSON

Related for CVE-2007-2507

prion1