Lucene search

[email protected]CVE-2008-1635

HistoryApr 02, 2008 - 5:44 p.m.

CVE-2008-1635

2008-04-0217:44:00

CWE-22

[email protected]

web.nvd.nist.gov

cve-2008-1635

directory traversal

vulnerability

keep it simple guest book

kisgb

security

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

High

0.023 Low

EPSS

Percentile

89.8%

JSON

Directory traversal vulnerability in view_private.php in Keep It Simple Guest Book (KISGB) 5.0.0 and earlier allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the tmp_theme parameter. NOTE: 5.1.1 is also reportedly affected.

Affected configurations

NVD

Node

raven_php_scriptskeep_it_simple_guest_bookRange≤5.1.1

CPENameOperatorVersion
raven_php_scripts:keep_it_simple_guest_bookraven php scripts keep it simple guest bookle5.1.1

CPE	Name	Operator	Version
raven_php_scripts:keep_it_simple_guest_book	raven php scripts keep it simple guest book	le	5.1.1

References

www.securityfocus.com/bid/28513

exchange.xforce.ibmcloud.com/vulnerabilities/41525

www.exploit-db.com/exploits/5324

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

High

0.023 Low

EPSS

Percentile

89.8%

JSON

Related for CVE-2008-1635

cvelist1 prion1 nvd1