Lucene search

[email protected]CVE-2007-3082

HistoryJun 06, 2007 - 10:30 a.m.

CVE-2007-3082

2007-06-0610:30:00

[email protected]

web.nvd.nist.gov

cve-2007-3082

directory traversal

sendcard

vulnerability

remote attack

file inclusion

7.1 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.02 Low

EPSS

Percentile

88.9%

JSON

Directory traversal vulnerability in sendcard.php in Sendcard 3.4.1 and earlier allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the sc_language parameter.

Affected configurations

NVD

Node

sendcardsendcardRange≤3.4.1

CPENameOperatorVersion
sendcard:sendcardsendcardle3.4.1

CPE	Name	Operator	Version
sendcard:sendcard	sendcard	le	3.4.1

References

osvdb.org/35741

www.securityfocus.com/bid/24308

www.vupen.com/english/advisories/2007/2058

exchange.xforce.ibmcloud.com/vulnerabilities/34697

www.exploit-db.com/exploits/4029

7.1 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.02 Low

EPSS

Percentile

88.9%

JSON

Related for CVE-2007-3082

prion1 cvelist1 nvd1