Lucene search

[email protected]CVE-2008-0521

HistoryJan 31, 2008 - 8:00 p.m.

CVE-2008-0521

2008-01-3120:00:00

CWE-22

[email protected]

web.nvd.nist.gov

cve-2008-0521

directory traversal

remote attackers

arbitrary files

bubbling library

6.7 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.013 Low

EPSS

Percentile

86.0%

JSON

Multiple directory traversal vulnerabilities in Bubbling Library 1.32 allow remote attackers to read arbitrary files via a … (dot dot) in the uri parameter to dispatcher.php in (1) examples/dispatcher/framework/, (2) examples/dispatcher/, (3) examples/wizard/, and (4) PHP/, different vectors than CVE-2008-0545.

Affected configurations

NVD

Node

bubbling_librarybubbling_libraryMatch1.32

CPENameOperatorVersion
bubbling_library:bubbling_librarybubbling libraryeq1.32

CPE	Name	Operator	Version
bubbling_library:bubbling_library	bubbling library	eq	1.32

References

www.securityfocus.com/bid/27482

exchange.xforce.ibmcloud.com/vulnerabilities/40008

www.exploit-db.com/exploits/5001

6.7 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.013 Low

EPSS

Percentile

86.0%

JSON

Related for CVE-2008-0521

nvd2 prion2 cve1 cvelist2