Lucene search

K
cve[email protected]CVE-2008-1492
HistoryMar 25, 2008 - 7:44 p.m.

CVE-2008-1492

2008-03-2519:44:00
CWE-20
web.nvd.nist.gov
20
security
vulnerability
directory traversal
remote execution
phpaddressbook
coronamatrix
nvd
cve-2008-1492

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.03 Low

EPSS

Percentile

90.9%

Multiple directory traversal vulnerabilities in CoronaMatrix phpAddressBook 2.11 allow remote attackers to include and execute arbitrary local files via a … (dot dot) in the skin parameter to (1) index.php and (2) install.php. NOTE: it was later reported that vector 1 is also present in 2.0.

Affected configurations

NVD
Node
coronamatrixphpaddressbookMatch2.11

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.03 Low

EPSS

Percentile

90.9%

Related for CVE-2008-1492