Lucene search

[email protected]CVE-2007-3096

HistoryJun 06, 2007 - 10:30 p.m.

CVE-2007-3096

2007-06-0622:30:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-3096

directory traversal

pblang

security

vulnerability

nvd

7.3 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.133 Low

EPSS

Percentile

95.5%

JSON

Directory traversal vulnerability in login.php in PBLang (PBL) 4.67.16.a and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the lang parameter.

CPENameOperatorVersion
pblang:pblangpblangle4.67.16.a

CPE	Name	Operator	Version
pblang:pblang	pblang	le	4.67.16.a

References

osvdb.org/36985

secunia.com/advisories/25572

www.securityfocus.com/bid/24340

www.vupen.com/english/advisories/2007/2093

exchange.xforce.ibmcloud.com/vulnerabilities/34751

www.exploit-db.com/exploits/4036

7.3 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.133 Low

EPSS

Percentile

95.5%

JSON

Related for CVE-2007-3096

prion1 nessus1