Lucene search

[email protected]CVE-2007-4655

HistorySep 04, 2007 - 10:17 p.m.

CVE-2007-4655

2007-09-0422:17:00

CWE-200

CWE-22

[email protected]

web.nvd.nist.gov

cve-2007-4655

directory traversal

cgi rescue

shopping basket professional

security vulnerability

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.1 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.0%

JSON

Multiple directory traversal vulnerabilities in CGI RESCUE Shopping Basket Professional 7.51 and earlier allow remote attackers to list arbitrary directories, and possibly read arbitrary files, via directory traversal sequences in unspecified parameters to (1) list.cgi or (2) list2.cgi.

Affected configurations

NVD

Node

cgi-rescueshopping_basket_professionalRange≤7.51

CPENameOperatorVersion
cgi-rescue:shopping_basket_professionalcgi-rescue shopping basket professionalle7.51

CPE	Name	Operator	Version
cgi-rescue:shopping_basket_professional	cgi-rescue shopping basket professional	le	7.51

References

jvn.jp/jp/JVN%2320452446/index.html

osvdb.org/40146

osvdb.org/40147

secunia.com/advisories/26614

www.rescue.ne.jp/whatsnew/blog.cgi/permalink/20070823212803

www.securityfocus.com/bid/25500

exchange.xforce.ibmcloud.com/vulnerabilities/36389

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.1 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.0%

JSON

Related for CVE-2007-4655

prion1 nvd1 cvelist1