Lucene search

K
cve[email protected]CVE-2008-1371
HistoryMar 18, 2008 - 5:44 p.m.

CVE-2008-1371

2008-03-1817:44:00
CWE-22
web.nvd.nist.gov
18
cve-2008-1371
absolute path traversal
vulnerability
drake cms
remote attackers
arbitrary files
nvd

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

7 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.2%

Absolute path traversal vulnerability in install/index.php in Drake CMS 0.4.11 RC8 allows remote attackers to read and execute arbitrary files via a full pathname in the d_root parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

NVD
Node
drake_teamdrake_cmsMatch0.4.11_rc8

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

7 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.2%

Related for CVE-2008-1371