Lucene search

[email protected]CVE-2007-2642

HistoryMay 13, 2007 - 11:19 p.m.

CVE-2007-2642

2007-05-1323:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-2642

remote attackers

arbitrary files

lang2 parameter

nvd

7.4 High

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.017 Low

EPSS

Percentile

87.6%

JSON

Directory traversal vulnerability in galeria.php in R2K Gallery 1.7 allows remote attackers to read arbitrary files via a … (dot dot) in the lang2 parameter.

CPENameOperatorVersion
r2k:r2k_galleryr2k r2k galleryeq1.7

CPE	Name	Operator	Version
r2k:r2k_gallery	r2k r2k gallery	eq	1.7

References

attrition.org/pipermail/vim/2007-May/001615.html

osvdb.org/36015

secunia.com/advisories/25261

www.securityfocus.com/bid/23938

www.vupen.com/english/advisories/2007/1783

exchange.xforce.ibmcloud.com/vulnerabilities/34238

www.exploit-db.com/exploits/3902

7.4 High

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.017 Low

EPSS

Percentile

87.6%

JSON

Related for CVE-2007-2642

prion1